urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
61.91.93.188  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.sanook.com/news/8435186/
Submission: On August 31 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 14 countries across 85 domains to perform 470 HTTP transactions. The main IP is 61.91.93.188, located in Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 27th 2021. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 61.91.93.188 7470 (TRUEINTER...)
104 150.109.191.115 132203 (TENCENT-N...)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
7 150.109.90.96 132203 (TENCENT-N...)
2 2a00:1450:400... 15169 (GOOGLE)
2 101.33.11.110 132203 (TENCENT-N...)
3 203.151.133.6 4618 (INET-TH-A...)
4 2a03:2880:f02... 32934 (FACEBOOK)
4 104.108.144.214 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f12... 32934 (FACEBOOK)
3 104.103.92.43 16625 (AKAMAI-AS)
1 3 13.224.93.86 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
22 142.250.185.226 15169 (GOOGLE)
4 119.81.192.134 36351 (SOFTLAYER)
3 10 185.33.221.91 29990 (ASN-APPNEX)
1 203.151.128.145 4618 (INET-TH-A...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 203.151.133.5 4618 (INET-TH-A...)
7 185.64.189.112 62713 (AS-PUBMATIC)
8 178.250.2.131 44788 (ASN-CRITE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
5 213.19.162.61 3356 (LEVEL3)
5 23.209.68.8 16625 (AKAMAI-AS)
5 92.122.26.214 16625 (AKAMAI-AS)
5 77.245.57.78 36057 (WEBAIR-IN...)
25 35.244.159.8 15169 (GOOGLE)
1 54.36.109.186 16276 (OVH)
1 3 34.253.111.115 16509 (AMAZON-02)
2 12 13.248.242.197 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 149.129.240.178 45102 (CNNIC-ALI...)
1 151.101.193.108 54113 (FASTLY)
2 88.221.7.65 16625 (AKAMAI-AS)
2 185.64.189.115 62713 (AS-PUBMATIC)
8 34 104.108.145.8 16625 (AKAMAI-AS)
1 209.58.177.16 59253 (LEASEWEB-...)
4 7 69.173.144.139 26667 (RUBICONPR...)
18 24 172.217.16.130 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
7 7 185.29.134.248 30419 (MEDIAMATH...)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
6 6 2620:116:800d... 16509 (AMAZON-02)
11 12 37.157.4.28 198622 (ADFORM)
1 87.240.190.67 47541 (VKONTAKTE...)
1 217.20.152.207 47764 (MAILRU-AS...)
2 2 213.155.156.169 1299 (TELIANET ...)
22 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 52.49.238.187 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 3 146.59.148.16 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2 159.253.128.183 36351 (SOFTLAYER)
2 4 3.126.56.137 16509 (AMAZON-02)
3 4 3.121.111.29 16509 (AMAZON-02)
1 1 35.156.165.31 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 151.101.14.49 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 195.161.16.132 8342 (RTCOMM-AS)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 8 52.46.133.124 16509 (AMAZON-02)
2 2 135.125.160.77 16276 (OVH)
2 3 92.123.21.100 16625 (AKAMAI-AS)
2 2 52.44.213.11 14618 (AMAZON-AES)
2 72.251.241.206 29791 (VOXEL-DOT...)
2 52.201.149.59 14618 (AMAZON-AES)
1 1 54.236.185.42 14618 (AMAZON-AES)
1 35.241.40.233 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 81.222.128.214 20597 (ELTEL-AS)
7 185.64.189.226 62713 (AS-PUBMATIC)
1 54.77.78.130 16509 (AMAZON-02)
8 23.106.253.186 59253 (LEASEWEB-...)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.107.231.31 15169 (GOOGLE)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 162.55.6.210 24940 (HETZNER-AS)
3 3 213.19.147.44 26120 (RHYTHMONE)
1 1 188.165.137.78 16276 (OVH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:3::300 54113 (FASTLY)
1 151.101.13.44 54113 (FASTLY)
1 38.91.45.7 398989 (DEEPINTENT)
2 2 3.123.143.157 16509 (AMAZON-02)
1 38.27.122.126 174 (COGENT-174)
1 1 34.204.22.100 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 18.198.69.109 16509 (AMAZON-02)
1 1 34.98.107.212 15169 (GOOGLE)
2 2 185.33.221.90 29990 (ASN-APPNEX)
1 1 34.251.173.19 16509 (AMAZON-02)
1 1 34.232.92.67 14618 (AMAZON-AES)
1 151.101.13.27 54113 (FASTLY)
1 162.247.242.18 23467 (NEWRELIC-...)
1 203.151.133.55 4618 (INET-TH-A...)
470 100
3    61.91.93.188 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-188.static.asianet.co.th
www.sanook.com
graph.sanook.com
104    150.109.191.115 (Bangkok, Thailand)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
s.isanook.com
3    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    150.109.90.96 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
p3.isanook.com
p4.isanook.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    101.33.11.110 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
lvs2.truehits.in.th
3    203.151.133.6 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th
sal.isanook.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
7    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    104.103.92.43 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-92-43.deploy.static.akamaitechnologies.com
avd.innity.net
3    13.224.93.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-86.zrh50.r.cloudfront.net
sb.scorecardresearch.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
gum.criteo.com
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
22    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
4    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
10    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    203.151.128.145 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 145.128.151.203.sta.inet.co.th
appx.sanook.com
2    2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    203.151.133.5 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 5.134.151.203.sta.inet.co.th
api.u1sf.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    2606:4700:10::6816:4e7b (United States)

ASN13335 (CLOUDFLARENET, US)
code.th.giraff.io
5    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
5    23.209.68.8 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-68-8.deploy.static.akamaitechnologies.com
a.teads.tv
5    92.122.26.214 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-26-214.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
5    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
25    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
1    54.36.109.186 (Sheridan, United States)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com
id5-sync.com
3    34.253.111.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
12    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com
4    149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
as.innity.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    88.221.7.65 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-7-65.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
34    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    209.58.177.16 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
data.th.giraff.io
7    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
24    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
7    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
6    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
12    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com
vk.com
1    217.20.152.207 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip207.152.odnoklassniki.ru
connect.ok.ru
2    213.155.156.169 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
22    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    3.121.111.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-111-29.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.156.165.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-165-31.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    195.161.16.132 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
a.giraff.io
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
8    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
3    92.123.21.100 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-100.deploy.static.akamaitechnologies.com
px.owneriq.net
2    52.44.213.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-213-11.compute-1.amazonaws.com
nep.advangelists.com
2    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    52.201.149.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-149-59.compute-1.amazonaws.com
rtb.adentifi.com
1    54.236.185.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-185-42.compute-1.amazonaws.com
sync.extend.tv
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
2    2606:4700:3039::6815:c06d (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru
ssp.adriver.ru
7    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    54.77.78.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-78-130.eu-west-1.compute.amazonaws.com
global.cloud.netacuity.com
8    23.106.253.186 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
a.th.giraff.io
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    162.55.6.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    3.123.143.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-157.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-22-100.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
2    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    34.232.92.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-92-67.compute-1.amazonaws.com
sync.ipredictive.com
1    151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
1    203.151.133.55 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 55.134.151.203.sta.inet.co.th
notification.sanook.com
Apex Domain
Subdomains		 Transfer
114 isanook.com
s.isanook.com
p3.isanook.com
sal.isanook.com
p4.isanook.com
2 MB
50 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
378 KB
47 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
274 KB
31 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
31 KB
25 openx.net
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
6 KB
23 googlesyndication.com
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
tpc.googlesyndication.com
e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com
pagead2.googlesyndication.com Failed
310 KB
15 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
9 KB
14 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
20 KB
13 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
28 KB
12 adform.net
c1.adform.net
6 KB
12 adsrvr.org
match.adsrvr.org
4 KB
12 giraff.io
code.th.giraff.io
data.th.giraff.io
a.giraff.io
a.th.giraff.io
48 KB
12 google.com
www.google.com
adservice.google.com
2 KB
10 gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
fonts.gstatic.com
257 KB
8 amazon-adsystem.com
s.amazon-adsystem.com
5 KB
8 indexww.com
js-sec.indexww.com
8 KB
8 innity.com
avd.innity.com
as.innity.com
9 KB
8 googletagservices.com
www.googletagservices.com
264 KB
8 google.de
www.google.de
adservice.google.de
1 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
4 KB
6 quantserve.com
pixel.quantserve.com
3 KB
5 ampproject.org
cdn.ampproject.org
102 KB
5 andbeyond.media
rtb-eu.andbeyond.media
1 KB
5 teads.tv
a.teads.tv
1 KB
5 facebook.com
www.facebook.com
graph.facebook.com
700 B
5 sanook.com
www.sanook.com
appx.sanook.com
graph.sanook.com
notification.sanook.com
45 KB
4 bidswitch.net
x.bidswitch.net
1 KB
4 exelator.com
loada.exelator.com
loadm.exelator.com
3 KB
4 google-analytics.com
www.google-analytics.com
59 KB
4 facebook.net
connect.facebook.net
181 KB
3 owneriq.net
px.owneriq.net
1 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 innity.net
avd.innity.net
13 KB
3 criteo.net
static.criteo.net
39 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 taboola.com
trc.taboola.com
match.taboola.com
651 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 ad4m.at
ad4m.at
960 B
2 adentifi.com
rtb.adentifi.com
176 B
2 adgrx.com
cm.adgrx.com
816 B
2 advangelists.com
nep.advangelists.com
463 B
2 dyntrk.com
gu.dyntrk.com
850 B
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
30 KB
2 sitescout.com
pixel-sync.sitescout.com
636 B
2 everesttech.net
sync-tm.everesttech.net
740 B
2 simpli.fi
um.simpli.fi
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 googleadservices.com
www.googleadservices.com
15 KB
2 truehits.in.th
lvs2.truehits.in.th
4 KB
2 googletagmanager.com
www.googletagmanager.com
97 KB
1 nr-data.net
bam.nr-data.net
278 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
633 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 stackadapt.com
sync.srv.stackadapt.com
649 B
1 bnmla.com
match.bnmla.com
112 B
1 deepintent.com
match.deepintent.com
44 B
1 erne.co
green.erne.co
326 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
152 B
1 adlooxtracking.com
p.adlooxtracking.com
4 KB
1 netacuity.com
global.cloud.netacuity.com
435 B
1 adriver.ru
ssp.adriver.ru
201 B
1 jquery.com
code.jquery.com
30 KB
1 brand-display.com
dmp.brand-display.com
253 B
1 extend.tv
sync.extend.tv
546 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
314 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 ok.ru
connect.ok.ru
2 KB
1 vk.com
vk.com
437 B
1 rlcdn.com
id.rlcdn.com
1 id5-sync.com
id5-sync.com
532 B
1 u1sf.com
api.u1sf.com
423 B
470 85
Domain Requested by
104 s.isanook.com www.sanook.com
s.isanook.com
24 cm.g.doubleclick.net 18 redirects www.sanook.com
eu-u.openx.net
22 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
securepubads.g.doubleclick.net
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
15 tpc.googlesyndication.com 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.sanook.com
tpc.googlesyndication.com
15 simage2.pubmatic.com ads.pubmatic.com
www.sanook.com
14 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
12 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
12 c1.adform.net 11 redirects ads.pubmatic.com
12 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
12 match.adsrvr.org 2 redirects www.sanook.com
eu-u.openx.net
ssum-sec.casalemedia.com
10 ib.adnxs.com 3 redirects www.sanook.com
acdn.adnxs.com
8 a.th.giraff.io code.th.giraff.io
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 us-u.openx.net eu-u.openx.net
8 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
8 bidder.criteo.com www.sanook.com
static.criteo.net
8 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
7 t.pubmatic.com www.sanook.com
7 image2.pubmatic.com ads.pubmatic.com
7 sync.mathtag.com 7 redirects
7 hbopenbid.pubmatic.com www.sanook.com
7 www.google.com 2 redirects www.sanook.com
tpc.googlesyndication.com
6 pixel.quantserve.com 6 redirects
6 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
www.sanook.com
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
5 tencentth-d.openx.net www.sanook.com
5 rtb-eu.andbeyond.media www.sanook.com
5 htlb.casalemedia.com www.sanook.com
5 a.teads.tv www.sanook.com
5 fastlane.rubiconproject.com www.sanook.com
4 x.bidswitch.net 3 redirects ssum-sec.casalemedia.com
4 ups.analytics.yahoo.com 2 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 as.innity.com www.sanook.com
4 avd.innity.com avd.innity.net
www.sanook.com
4 gum.criteo.com 1 redirects static.criteo.net
gum.criteo.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.sanook.com
4 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
4 connect.facebook.net www.sanook.com
connect.facebook.net
s.isanook.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 encrypted-tbn0.gstatic.com 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 pixel.rubiconproject.com www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 www.facebook.com www.sanook.com
connect.facebook.net
3 www.google.de www.sanook.com
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.sanook.com
3 sal.isanook.com www.sanook.com
3 static.criteo.net www.sanook.com
2 secure.adnxs.com 2 redirects
2 loadm.exelator.com 1 redirects www.sanook.com
2 uipglob.semasio.net 1 redirects www.sanook.com
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 sync.1rx.io 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 graph.sanook.com s.isanook.com
2 ad4m.at ssum-sec.casalemedia.com
ads.pubmatic.com
2 rtb.adentifi.com ssum-sec.casalemedia.com
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 nep.advangelists.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 encrypted-tbn3.gstatic.com 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
2 www.gstatic.com 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
2 pixel-sync.sitescout.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 code.th.giraff.io s.isanook.com
www.sanook.com
2 graph.facebook.com s.isanook.com
code.th.giraff.io
2 mug.criteo.com www.sanook.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 lvs2.truehits.in.th www.sanook.com
2 www.googletagmanager.com www.sanook.com
www.googletagmanager.com
1 notification.sanook.com www.sanook.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 p4.isanook.com www.sanook.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 mwzeom.zeotap.com www.sanook.com
1 aud.pubmatic.com www.sanook.com
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 p.adlooxtracking.com www.sanook.com
1 global.cloud.netacuity.com www.sanook.com
1 ssp.adriver.ru www.sanook.com
1 code.jquery.com www.sanook.com
1 bcp.crwdcntrl.net ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 encrypted-tbn2.gstatic.com 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
1 encrypted-tbn1.gstatic.com 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
1 a.giraff.io www.sanook.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.googleapis.com 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 connect.ok.ru code.th.giraff.io
1 vk.com code.th.giraff.io
1 id.rlcdn.com www.sanook.com
1 ads.yahoo.com www.sanook.com
1 data.th.giraff.io code.th.giraff.io
1 acdn.adnxs.com ads.pubmatic.com
1 id.crwdcntrl.net www.sanook.com
1 id5-sync.com www.sanook.com
1 api.u1sf.com s.isanook.com
1 appx.sanook.com s.isanook.com
1 stats.g.doubleclick.net www.sanook.com
1 www.sanook.com
470 137
Subject Issuer Validity Valid
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-27 -
2022-06-27		 a year crt.sh
*.isanook.com
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-02-12 -
2022-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
*.u1sf.com
DigiCert SHA2 Secure Server CA		 2020-01-21 -
2022-03-16		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-14 -
2022-04-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2021-02-22 -
2022-03-26		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
th.giraff.io
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.ok.ru
GeoTrust RSA CA 2018		 2021-02-18 -
2022-03-21		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
giraff.io
R3		 2021-08-19 -
2021-11-17		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.cloud.netacuity.com
Amazon		 2021-04-11 -
2022-05-10		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
loopme.me
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-05 -
2022-06-06		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 47 frames:

Primary Page: https://www.sanook.com/news/8435186/
Frame ID: 351B2F90A1931526D052EF6D5ECAA03A
Requests: 260 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 56B58306B16B0A3574EF9800CB0ED21D
Requests: 2 HTTP requests in this frame

Frame: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 432DB829BD7EC69D866DA0E6A918CEB7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1A9DC666E7C1A4BCA5BA7784492B0180
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D2BD9A2F0D788C856B6C5808FA93B293
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2734D34DADF2D2BC43BA41103ED0CC55
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DB07260D50C29DCCFDD2C0E4CB7658EB
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe898f367c09dc%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff443e6937e526%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Frame ID: C2F1E20155D4DAD86A6B7A8E240F4CD7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUROPKtDBoynIw_E6Y_BJy_qdvwQhSiHZnF1_mi91NjL1dmu_K_bviwYSUiykVMLjbubcfuloxuhA5XHIE3I0Ktm8As11lBbeRp3x15HzBZn1oN_m0GbLU9089PxnasHGR0GqDwrftDjo_Z2AwpwvXVTxdZIf7hkNehemAwpytEzESnp20i7Lmb4xDhl6DZX3m3G_R5wtX2swQbBbY2souZqfXoQOhQEyD8Kjj46yFJH-TYhKwz4-EMr0lHqFS9dnBNfm0zl9jDq9UygUEeyd6Pzx9_PnnOQ2wf7eJXMY7QtuCAEOjgxWSjlkq6EUDR-dEXWNipF7eIh1c4hDhMf5v-8WJF1G4e8M&sai=AMfl-YRNAoHK7Dp_KomyAInRJupi2YV65BeHmsWI9Rhm9xJeYDj5abjtX4p4NBHjEzTE65e2RVDgE-eCu6gJ_qC-E3R9nWwyxLlvdHQSr0LFl8r3RUJc5cg33tvB3UBMeCo&sig=Cg0ArKJSzDG2mUB7Jgq1EAE&urlfix=1&adurl=
Frame ID: FDB40F2715B249656A8BE0B41259DEDD
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 438E5A26BDA248A107A1DF16D8B2E426
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: 9F801C4D97C3DD964A094B538D91369B
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: B5CC9DF07093DDD9EE28E052AC626EE4
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: AA430092F7C8C0F9F1B27FD5C274EB46
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: 8C22F5364FDC713DE503B62BFDD36C08
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BD96FA1B7146E08CD24A5166E9EF9D9C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6B24F643FCCC17298748DD834B726530
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BB72A5232E52DDF8A3B790E588879F45
Requests: 1 HTTP requests in this frame

Frame: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D37C310691FF647A58353A946F4D893A
Requests: 19 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
Frame ID: E7AA1D88EA0D8C268312A4787476CB72
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5751815231257979321
Frame ID: 2D330C46B54398CEF907D0185BA58EBC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9DADB23D8E1DC5A0EA476BBB7ED9FFDF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423295386515603
Frame ID: 478D22DB05617CFB6E071E17D6117A71
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 6770B4E88C3356CD7477B5B0EBDB22B3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4533A242F94E5561223043AA7B12A2EF
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C876405D7944150EA3F089D2CCE69D29
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: AA45B0D9F0052D98CD1C5E21A02F85B0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B41DE40BC32B663B11B77BE698783300
Requests: 10 HTTP requests in this frame

Frame: https://e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BEA28601F35EB1C2C24513972AD70690
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthsG2vuqmtvXw1-eD2H-95yxEqqP4qs6gA31WvW9_HGhnLtXTCe_fTnxKNvs_wiGfJ-2HAOxaMNraBw1JwEX93rG1qTB6Y7PMpUahiKdp1h0aK0S9Xh5NohKtWRA9oAO9Mp854YamDqJwyMUnIuJKLjSsVCfsLQIXMzryeL0Qa4n420dvxYG4M44WjbzfLlSZ1kQGq4cvBa9PZtwZPuftldj1yrkE73oUwYoHM_PfPh7bhtWJeGSjFLCKgswXaN98ShL40G5tesZH-5AXpGLWUSC3uNRsAy7cdi7yK0r3KSZv-HK7Q0PELdcuw7_74SZs&sig=Cg0ArKJSzJTmuuv7Ahp0EAE&urlfix=1&adurl=
Frame ID: 6B8802CD05812B958A4A94C4F571B95C
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulwVNNV-VWWA9_Ji1lwRBLTWEv2HXqY13D7FqG-Wejvc5jDp3UXDwALOvMCisZ0ixQRwU2DChOfRGWhiIQgKMNsKCnUteMwJxJrh3pI2CeQceEmeVNa0edQFMUmwjgOzfOmhlPlGmJRfFDppTtmhZcJfNywuSBC2-SOw4Ks_Wn4w-2vMlX4Dd_-jEeUADESmyYhD7s8zH2iXv7xbJMvE3pby3QEYXuGoZj4hZcQf04viVp83tTs7d_rVbJ58RlEQ0527MBoXAwL8-e2Xf9fOGYRvWkO88RJeG1VM91Td3oOjA9qtqElCHqRdwvxIMed0a_1vNfxfBHbiOunzO4OsdPbbw&sig=Cg0ArKJSzKrQj3m3QKQhEAE&adurl=
Frame ID: 7400989EC6299343DA95EA912B24E700
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: C6678BAA03824C1C4B670EE67FAC0284
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszb1xdV9SSc6HaO9Y7jJJHk-OeAv_MOlWqw5454-u5ZzEu4HocfACcnVq0VIaXDBmTzmFgNACbSQQgZ3gyOiJ9IBDFjCuBe_bdfsLFe-MEml9VCNh5a6c5udOJi5GLgq978qXIls9_puHOQT_J4f22bAf2k0EYFhHR94c_z8TMIp-iPPXeOIcYajJZEYyyzH0gKv3FdJScrW-o58ge9CCVNbVxJSXzW3E8TRuFWWOFJULGkj92WVUndmCyBC8YjilfMPGCb45Mub9ZRfpAB631P5V2RKVngsMFLgbjFnxdxwnmdInPRT8hauqoRUWI5mkbQyDcXEEsoiTYmQdamXbqMULSAsSDDg&sig=Cg0ArKJSzAkHOafj8hX-EAE&adurl=
Frame ID: 43713DEDDC2694E2DC3B42AA8CE51C48
Requests: 8 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: D16F4833412C92D37A23B13C11B6F4D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003
Frame ID: E2DDFE673227F2E5067AB0D840D3BC20
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: AB4D35E17479E5BB1E90B707A68531C1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5oh7vQsH3i2FTP3k5vZxXZsy
Frame ID: C886A85A21181FCB8042063EF06C9BFF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 8D2AC59C377DEF4070FEF4B136604DCA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 08ADEEE044C6133B954EEC56976FAB96
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 36E90665CBF03FA606BCC5E2EDD0D10C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4C2B13B887F2DB8D9C38309FF6C74AFC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Qwl8qbR21MkTZ35&gdpr=0&gdpr_consent=
Frame ID: 1C12C61F7BC2C8C27DCAFB1A97C3EF96
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 967B1E925BCD91ECFB0A8B32189A794C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB587ED07B8340E0B98FA9D2E6B5A9BF
Frame ID: FF0F3869D26BA077EA16EACD9790C54A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-LFovMIARGtSpAsjqU6T5Fn5QKs
Frame ID: 88EAA662DF0C7DFCD5C4C1C7852208A8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 2D81250D111F612B905CCE08F1450F41
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F6BA703A0CB156410C06343CBB41B45E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0BC244245132AC745C5B224EE6EE5D2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

รวมข่าวหวย เลขเด็ดงวดนี้ ก่อนออกสลากกินแบ่งรัฐบาลงวด 1/9/64

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

470
Requests

98 %
HTTPS

29 %
IPv6

85
Domains

137
Subdomains

100
IPs

14
Countries

4819 kB
Transfer

13449 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&auid=916944617.1630378716&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3JotYeOYK4be7gO1sISABg&sscte=1&crd=&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcEkEpohHAOQBP2jp4uwH8B9o3aDkbAy0A HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&auid=916944617.1630378716&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3JotYeOYK4be7gO1sISABg&cid=CAQSKQCNIrLM3leUAid4XW_oBcKvgEumFUqWU1Q6sLTepS3UqrEMjcyLUeAI&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcMTSIa1FBA3R-8O1LlpJplrFWTJLsOrWE&random=1408118010&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&auid=916944617.1630378716&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3JotYeOYK4be7gO1sISABg&cid=CAQSKQCNIrLM3leUAid4XW_oBcKvgEumFUqWU1Q6sLTepS3UqrEMjcyLUeAI&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcMTSIa1FBA3R-8O1LlpJplrFWTJLsOrWE&random=1408118010&resp=GooglemKTybQhCsO&ipr=y
Request Chain 85
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=V2uv0HxNcXUrb2JleXhZSG5GeFpjSmFMWjdBSjJIaVJ0UEpIN3Ztc2p5K3FEenROVythdUN4c2JLT01PMmM1WFh6M2ZpTUJtUnE3emcrNzV6Y05VZ094clRGNU1qb2NkTkJTcnVyYmFyV1h1UVArUE5qdnQvaHFDbTRmSVUrbXZ6SWk5emdsUFBRRC9POC9WeTFyeFlGNVFpMzFXSUxNUVlqNTI3MjZCVWFENlQ0RzNXbXlCdXZkRHBMSHV0V1FqdG85SUUyS2RWckswM0FBdSszWEZlZ1pqUEtGVlNLQUFzRDVpdTZRaW1jTktBU1FVPXw&cppv=2
Request Chain 89
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1630378717310&ns_c=UTF-8&cv=3.5&c8=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378717310&ns_c=UTF-8&cv=3.5&c8=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&c9=
Request Chain 99
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1630378718657 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1630378718657 HTTP 302
  • https://avd.innity.com/sync/?partner=appnexus&token=4047021949935290411&type=cookie&itmcb=1630378718657
Request Chain 223
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEU2V1MtMUotOEY2WQ==
Request Chain 224
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHE6WS-1J-8F6Y&sigv=1&esig=2~b5a38925fcf3ad9ef3ffd0f6f7927d8a7a6a49cb
Request Chain 226
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ5OTE2YzU2OTQ1MjkzNWIyMWI5ZDc0M2VkZjllZDNmZDA2ZGJkYg
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL-Y6j6-UkpTT61bv3U8z2A&google_cver=1
Request Chain 228
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4410612d-9ae0-4600-9c5d-0f8dc820f6e9
Request Chain 229
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yzES107FIWFYHTmKjziuUMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=942359355507572558
Request Chain 230
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd31612d-9ae0-4c00-9cf8-72d5c749ab6d
Request Chain 231
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=TQlFuUJZE7tWW068HQ9a6BpZE-hWAU_uTAqPwmeD
Request Chain 232
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5258054189700874205
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
Request Chain 236
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e495612d-9ae0-4800-85ec-80169f7f415c
Request Chain 237
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NPn0IzupoiEvq_8lNPjrJjP5p3MvqfRxYatSNs5F
Request Chain 238
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=804836052823924442
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
Request Chain 244
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=257d612d-9ae0-4700-a4e2-ba6820c15c9b
Request Chain 245
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=uFPVfrcDg3yjBoV-vFrKL74G03ujWt4vvFdCdIB9
Request Chain 246
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2692558038677669322
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
Request Chain 250
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8fea612d-9ae0-4b00-93ad-0678176f162a
Request Chain 251
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=v-i7ArC47QCkvepRvbqkX7ro7FKk67AHu7gtJugM
Request Chain 252
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8841135489502703226
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
Request Chain 264
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
Request Chain 265
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5751815231257979321
Request Chain 267
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423295386515603
Request Chain 268
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEa1BFN0NXellBQUItcFpIZURvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEa1BFN0NXellBQUItcFpIZURvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i07DvqoUQyi8zx9m6CCs2A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 270
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=78df612d-9ae0-4400-8c2c-296e874eca03
Request Chain 271
  • https://pixel.onaudience.com/?partner=214&mapped=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ba00f31b003ea65e71064d0c938facf6 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8939ab54e0939e9750cbd6042aa19185
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEI0RUMzQkUtQUExNC00MzI4LUJDQ0YtMUY2NkU4MjBBQ0Q4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJEgpjpGFZuID1taZ7ICrqU&google_cver=1
Request Chain 275
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9118664458665646425
Request Chain 276
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&gdpr=0&gdpr_consent=
Request Chain 277
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=103b18c4-d82b-45d3-b324-37cc26225d2a
Request Chain 278
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4047021949935290411&gdpr=0&gdpr_consent=
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRtRC39E2uWV9p4Bu5uxNTlWPFy0PqM-~A&gdpr=0&gdpr_consent=
Request Chain 281
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ddec21da-356c-47d3-904f-2da74b94bc48&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_2171e6a1-29fc-4d32-85b2-cccb1570d8a6&bsw_param=ddec21da-356c-47d3-904f-2da74b94bc48&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ddec21da-356c-47d3-904f-2da74b94bc48&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 283
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7764677129612852222&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 284
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YS2a4AAET_rhiQA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2a4AAET_rhiQA4&gdpr=0&gdpr_consent=&_test=YS2a4AAET_rhiQA4
Request Chain 286
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 287
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6be90338-039e-4862-8676-ad5fe5022c61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 288
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 289
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 290
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 291
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 345
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 354
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4J1d43G73Utg5s8myAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Request Chain 357
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB&dcc=t
Request Chain 358
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 359
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836651241273060049&uid=Q6836651241273060049&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 360
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-feac9805-77c2-46bc-beb4-cf0ae171ee97
Request Chain 363
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4J1d43G73Utg5s8myAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Request Chain 366
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB&dcc=t
Request Chain 368
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=YnuYqm0rzqh5Lsn5YCmH92d7z_p5eJOvZit0UuMl
Request Chain 369
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5ee25f4-0dbd-459a-8efa-0c3ca0d0f801
Request Chain 370
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5aa81f8a-05cd-43d2-a5ec-8beabd762704
Request Chain 372
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8myAAABHIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8myAAABHIAAAAB&dcc=t
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4J1d43G73Utg5s8myAAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Request Chain 375
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4J1d43G73Utg5s8myAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Request Chain 384
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB&dcc=t
Request Chain 386
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4KsE6IcxpgEr846JKQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Request Chain 390
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632970721
Request Chain 417
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6107650196 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/103b18c4-d82b-45d3-b324-37cc26225d2a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003
Request Chain 419
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5oh7vQsH3i2FTP3k5vZxXZsy
Request Chain 421
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 422
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 424
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Qwl8qbR21MkTZ35&gdpr=0&gdpr_consent=
Request Chain 426
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB587ED07B8340E0B98FA9D2E6B5A9BF
Request Chain 427
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-LFovMIARGtSpAsjqU6T5Fn5QKs
Request Chain 428
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&addseg=19,36,42
Request Chain 429
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 431
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 432
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5964268076335762879
Request Chain 433
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_fec5e4e4-bfb9-4657-9c5b-ce9ffe4dffcc
Request Chain 434
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5bc74f0b-0a07-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=

470 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/news/8435186/ 		256 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
ff69603153e83257f05d58f640c9aaf13ba0079250a00f29994b6e4e3af2f490
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Host
www.sanook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
nginx
Date
Tue, 31 Aug 2021 02:58:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
SN-Cache-Status
MISS
X-Ua-Device
desktop
X-Ua-Type
human
X-Ua-Key
cover_display
X-Ua-Exp
notset
X-Ua-isExpReadpage
exp_readpage_desktop_notset
X-Ua-shouldPass
0
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
styles.4af493dc.chunk.css
s.isanook.com/sr/0/_next/static/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/styles.4af493dc.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 10:28:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
35704
server
Lego Server
age
267812
etag
W/"61234e44-8b78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
1551239988427046802
accept-ranges
bytes
content-length
7314
expires
Wed, 22 Sep 2021 07:44:54 GMT
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 09:57:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
1087
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14750499522534021880
accept-ranges
bytes
content-length
550
expires
Tue, 21 Sep 2021 09:57:39 GMT
publishertag.js
static.criteo.net/js/ld/ 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:03 GMT
server
nginx
etag
W/"6115450b-1d808"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Sep 2021 02:58:36 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		319 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
etag
W/"PSA-aj-wjZq0flWx2"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
478171248761818351
accept-ranges
bytes
content-length
239
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
x-cache-lookup
Cache Hit
server
Lego Server
etag
"4d5107cb-2b"
content-type
image/gif
x-nws-log-uuid
4231553894220512804
accept-ranges
bytes
content-length
43
FloatingIcon.png
s.isanook.com/sr/0/images/sport/events/paralympics2020/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/sport/events/paralympics2020/FloatingIcon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
933da63d7005d410df6de52f3eb4b87fa7c74f6472b1f5c200d2a33d0a4440dd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:08:38 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"PSA-aj-b7k9hHiqvR"
vary
User-Agent
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
13132336842784584934
accept-ranges
bytes
content-length
41824
expires
Mon, 27 Sep 2021 08:08:20 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2L2FsbC1sb3R0by1uZXdzLmpwZw==.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2L2FsbC1sb3R0by1uZXdzLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2e6251295f2212910f888d9ac4b8676259664db5051d0883f322d622fe3244c3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:22:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6785689974043819237
accept-ranges
bytes
content-length
66707
expires
Wed, 29 Sep 2021 02:22:17 GMT
sanook_reporter_70x200.jpg
s.isanook.com/ns/0/uc/1/6438/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/uc/1/6438/sanook_reporter_70x200.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7da6ca17349939c16f0a36047dda74941cc18fb314584cf8ffb4bb7f2453c843

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 13:37:44 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"PSA-aj-1rGNQFQvzM"
vary
User-Agent,Save-Data
content-type
image/jpeg
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
677380000229521901
accept-ranges
bytes
content-length
2679
expires
Fri, 24 Sep 2021 13:37:35 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzAxLTEuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzAxLTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
c9d1c829c2d3bf22b5fb4c886f6583ebaa8b1a2459c7f5b1a80f352d5381f571

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:22:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9789958736258732969
accept-ranges
bytes
content-length
64162
expires
Wed, 29 Sep 2021 02:22:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzAyLTEuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzAyLTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bb8500c9f4f27b11b17d0ee7c21ffe58fa2a4cc06524f5a9a9a94743f9578677

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:22:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
86216843084244243
accept-ranges
bytes
content-length
80208
expires
Wed, 29 Sep 2021 02:22:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzAzLTEuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzAzLTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5d13330dbce2dbafe2bdb832ef63516443d3c6687735d0f10a06b1ae8d1dd27e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:22:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10647222061098689128
accept-ranges
bytes
content-length
109111
expires
Wed, 29 Sep 2021 02:22:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA0LTEuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA0LTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2189b2ffa69fda833403071b6d1c9c2a803b560772bc7c38a8652efc10de0cf5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:22:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16435509027345775897
accept-ranges
bytes
content-length
47365
expires
Wed, 29 Sep 2021 02:22:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA1LTEuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA1LTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
c7824772a80a13b14b655587949e28bbd4334567e3deb600e4bb9324fe73ff8c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:22:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11418152325574545948
accept-ranges
bytes
content-length
75925
expires
Wed, 29 Sep 2021 02:22:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA2LTEuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA2LTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
c6a956e7c71fd758fcdf3fb9b1c7509fc54d4c278fd0fed826e0d6a9dab8c990

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:22:17 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11064912912439470860
accept-ranges
bytes
content-length
35708
expires
Wed, 29 Sep 2021 02:22:17 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA3LmpwZw==.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA3LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ed63b9c17c1a6c6b43e74af9537b5d0d1c0e72d752dad79cb66c44799eb9fb20

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 00:38:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1486479104610568565
accept-ranges
bytes
content-length
36996
expires
Thu, 30 Sep 2021 00:38:38 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA4LmpwZw==.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MTg2LzA4LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
eece3fb4a6b84e42c970703aaad0668edf8d6b32c3a5ee7d0daac1c740f71421

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 00:38:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4347176803659124239
accept-ranges
bytes
content-length
87692
expires
Thu, 30 Sep 2021 00:38:38 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ni84NDM0OTgyL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ni84NDM0OTgyL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
472f6e49b5f3cb5a2d9267e935f61debda47141148b4a79eeec7bdde83bd8932

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 14:01:45 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15760964560978381758
accept-ranges
bytes
content-length
14446
expires
Tue, 28 Sep 2021 14:01:45 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ni84NDM0OTI2L2FocjBjaG02bHk5emxtbHp5dzV2YjJzdXkyOXRsLmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ni84NDM0OTI2L2FocjBjaG02bHk5emxtbHp5dzV2YjJzdXkyOXRsLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
912a2a5c965b978ff6eff64babed7425b118952d1a3497c31ba77f06b42fc598

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 16:40:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10800197274397349886
accept-ranges
bytes
content-length
21999
expires
Tue, 28 Sep 2021 16:40:24 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ni84NDM0NzI2L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMikuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ni84NDM0NzI2L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMikuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
16873f3ca4427fdb235955bd52e9419dfdc5994c6341c2eddc1d65cf230169ca

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 23:42:01 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17011197738698296135
accept-ranges
bytes
content-length
16577
expires
Tue, 28 Sep 2021 23:42:01 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1NTc0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1NTc0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e797e6462933f52af1b67079a8cc218539822e9ab97f5c3a9b260821969fc5c1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:37:39 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2717433605310971587
accept-ranges
bytes
content-length
13675
expires
Wed, 29 Sep 2021 15:37:39 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MzU4L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMikuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MzU4L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMikuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
13542d9019e497c5f334a4865d73f4f28a17455388ba489c3d6a5f7c79ebe9fe

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:37:49 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7318087549163711651
accept-ranges
bytes
content-length
16377
expires
Wed, 29 Sep 2021 15:37:49 GMT
entry.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		58 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/entry.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7f0aa3993bb76cc8bc3666b2b5ebdf5e899c39f3d20ea5e231f938631f77e396

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
59071
server
Lego Server
age
0
etag
W/"6127737d-e6bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
478163718821605688
accept-ranges
bytes
content-length
12437
expires
Tue, 28 Sep 2021 07:23:04 GMT
_app.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/ 		333 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
add959e269a4562dd13010ed646398d5a6156e11db1886292b5eee313b4fb373

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
341208
server
Lego Server
age
0
etag
W/"6127737e-534d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9294246474418460141
accept-ranges
bytes
content-length
68214
expires
Sat, 25 Sep 2021 11:00:53 GMT
e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
65052732034828396
accept-ranges
bytes
content-length
8443
expires
Sat, 25 Sep 2021 11:00:53 GMT
62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 13:35:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
29385
server
Lego Server
age
0
etag
W/"6127737e-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15560508211059381880
accept-ranges
bytes
content-length
5322
expires
Tue, 28 Sep 2021 13:34:54 GMT
c8f7fe3b0e41be846d5687592cf2018ff6e22687.38ab518807e1832795dd.js
s.isanook.com/sr/0/_next/static/chunks/ 		882 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.38ab518807e1832795dd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
94dfd4575f18abc94f25792fc2920463092432a4452fc02efaea02c9a7c1fe97

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:22:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 24 Aug 2021 06:14:41 GMT
server
Lego Server
age
0
etag
W/"61248e51-dc963"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1350092973311509123
accept-ranges
bytes
content-length
238841
expires
Thu, 23 Sep 2021 06:22:27 GMT
2be0d319d819306fce97e874e470fd03e07f4c5e.9000108fae36569ab5d5.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2be0d319d819306fce97e874e470fd03e07f4c5e.9000108fae36569ab5d5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e6e790fe5ae0603bb0ab57ac266957351dadc71115473582a47b1f1c0554ca59

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:03:58 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-31cd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17301886835687977607
accept-ranges
bytes
content-length
3794
expires
Sat, 25 Sep 2021 11:03:58 GMT
46.5e22e2b46f64834ca61b.js
s.isanook.com/sr/0/_next/static/chunks/ 		288 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/46.5e22e2b46f64834ca61b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
66a0968d5f5a81b1805bea5fc0e4ff75d121aa195ec808ee95829aaf20154cba

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:31:19 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
295378
server
Lego Server
age
2
etag
W/"6127737e-481d2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2453380293779724585
accept-ranges
bytes
content-length
59890
expires
Mon, 27 Sep 2021 13:31:19 GMT
webpack-bf727a6e86cd493ae7aa.js
s.isanook.com/sr/0/_next/static/runtime/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d8405abefbd33ff333e343802dcc12751bd42a8f1b6524846420d09176d348ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:03 GMT
server
Lego Server
age
0
etag
W/"6127737f-1aa1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17370361584890980050
accept-ranges
bytes
content-length
3051
expires
Sat, 25 Sep 2021 11:00:53 GMT
framework.a8c446334694403b7af5.js
s.isanook.com/sr/0/_next/static/chunks/ 		136 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 13:37:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
139444
server
Lego Server
age
2
etag
W/"6125f183-220b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18161548690016959532
accept-ranges
bytes
content-length
44478
expires
Fri, 24 Sep 2021 13:09:49 GMT
5e47f296327e8a1a9906ba09f75097b1698d8d51.6ee61761ec68b3509c52.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5e47f296327e8a1a9906ba09f75097b1698d8d51.6ee61761ec68b3509c52.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 09:45:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
80575
etag
"6127737e-1995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13697427076270608867
accept-ranges
bytes
content-length
2437
expires
Sun, 26 Sep 2021 09:45:52 GMT
40a6c1b6bb6a3d42f91661f0560a3fe503d632ec.3b72f283b635eb4eacd3.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/40a6c1b6bb6a3d42f91661f0560a3fe503d632ec.3b72f283b635eb4eacd3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:31:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
1
etag
W/"6127737e-1def"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
16958678652842513660
accept-ranges
bytes
content-length
2559
expires
Mon, 27 Sep 2021 13:31:20 GMT
5a620b34399a1c67dbc88ce988e37ec431282bc2.f848520e63915f6f252c.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5a620b34399a1c67dbc88ce988e37ec431282bc2.f848520e63915f6f252c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-320a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3553616306688920725
accept-ranges
bytes
content-length
4839
expires
Sun, 29 Aug 2021 08:06:46 GMT
1daddbe518133c024802cb6086a3af5f8dc433d0.b7595c8340c8fcd5e360.js
s.isanook.com/sr/0/_next/static/chunks/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1daddbe518133c024802cb6086a3af5f8dc433d0.b7595c8340c8fcd5e360.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 14:49:10 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
98251
etag
W/"6127737e-bdf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1089012376828716305
accept-ranges
bytes
content-length
18431
expires
Tue, 28 Sep 2021 14:49:10 GMT
5a06b70ae33e96b53e8232bd260bc1b13eff74ad.03303b89d1895002b2ec.js
s.isanook.com/sr/0/_next/static/chunks/ 		151 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5a06b70ae33e96b53e8232bd260bc1b13eff74ad.03303b89d1895002b2ec.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f7499ace47711e1d551810c1f8125288e98509a74f22065442f9c901ca8b18d5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:31:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
1
etag
W/"6127737e-25b1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
4515370626131173490
accept-ranges
bytes
content-length
47341
expires
Mon, 27 Sep 2021 13:31:20 GMT
f984ce8743817d99155f468bc01d17674342c98a.7a1a2b2083b0c66bf6e7.js
s.isanook.com/sr/0/_next/static/chunks/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f984ce8743817d99155f468bc01d17674342c98a.7a1a2b2083b0c66bf6e7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
40871
server
Lego Server
age
1
etag
W/"6127737e-9fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12096958264900089639
accept-ranges
bytes
content-length
14025
expires
Sun, 29 Aug 2021 08:06:44 GMT
ae84cd41c73f67182b5244d1f0779236d441a25d.80991efe8bb1a9543cba.js
s.isanook.com/sr/0/_next/static/chunks/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ae84cd41c73f67182b5244d1f0779236d441a25d.80991efe8bb1a9543cba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
635664c62c16fe2ab1476757c43e3018ca1a14e8f83dbad2ca843c08a0ec8898

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 13:34:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
40348
server
Lego Server
age
0
etag
W/"6127737e-9d9c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10611505129247293383
accept-ranges
bytes
content-length
12333
expires
Tue, 28 Sep 2021 13:34:54 GMT
f4870a16efa30f974ce772dc1cfd77d71e6f712b.313df431fe256f08a617.js
s.isanook.com/sr/0/_next/static/chunks/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f4870a16efa30f974ce772dc1cfd77d71e6f712b.313df431fe256f08a617.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc5d359705d84854b9d91a3e590b31e8202b5930684d90cf46316c996055c947

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 13:34:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
63750
server
Lego Server
age
0
etag
"6127737e-f906"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14188875427045704328
accept-ranges
bytes
content-length
18882
expires
Tue, 28 Sep 2021 10:35:31 GMT
4a63ff3961ef6ae7bf4751d874a3909b599c6c33.f2ede5c6c7d27e1d37cf.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4a63ff3961ef6ae7bf4751d874a3909b599c6c33.f2ede5c6c7d27e1d37cf.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7c97733cfcb2cf9c407d64412fa84f3204bd2f7148b0c9dac79153e00e0d808f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:37:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18913
server
Lego Server
age
8752
etag
"6127737e-49e1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1776458663816522447
accept-ranges
bytes
content-length
5932
expires
Sun, 26 Sep 2021 11:03:59 GMT
abfcd4e2fbe88066bb74ae719336e4784bea213f.06b2d8d4bdefedc62910.js
s.isanook.com/sr/0/_next/static/chunks/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/abfcd4e2fbe88066bb74ae719336e4784bea213f.06b2d8d4bdefedc62910.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
556b54759c6cef79505607ce76cb1b45c1ea663582f337599d7c602b46e70a0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-4cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14495897958844469238
accept-ranges
bytes
content-length
6858
expires
Sat, 25 Sep 2021 11:00:53 GMT
5f9919215684809646a61de8f847b80ea40bf13f.25b32f2bf3ce9d3af029.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5f9919215684809646a61de8f847b80ea40bf13f.25b32f2bf3ce9d3af029.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 08:10:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
11793
server
Lego Server
age
54782
etag
"6127737e-2e11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7703901394012022551
accept-ranges
bytes
content-length
3364
expires
Sat, 25 Sep 2021 16:51:14 GMT
296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
s.isanook.com/sr/0/_next/static/chunks/ 		281 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7039a31cabdf37972bc95cdd885b69560a1a9353d063d1372d7c8407e846452d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:08:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
287736
server
Lego Server
age
1
etag
W/"6127737e-463f8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6640959446937976388
accept-ranges
bytes
content-length
50723
expires
Sat, 28 Aug 2021 08:08:52 GMT
059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e9a7f88990e25e0fd3d4cc931050b9e17f4ac792808d3fcb35babb4a41a9275d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-4643"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7152893507639171887
accept-ranges
bytes
content-length
5522
expires
Sat, 25 Sep 2021 11:00:53 GMT
styles.e56987f829e6da55bdfa.js
s.isanook.com/sr/0/_next/static/chunks/ 		107 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/styles.e56987f829e6da55bdfa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 14:45:05 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
"6127737e-6b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12843331498262395722
accept-ranges
bytes
content-length
107
expires
Mon, 27 Sep 2021 14:45:05 GMT
main-c4548a6c5259798ceb68.js
s.isanook.com/sr/0/_next/static/runtime/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
70c43dce4a0660213c91932e6b1b2c2a4370402bdbf51206a877d0b8d92312e2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 03:28:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13391
server
Lego Server
age
16273
etag
W/"6124f8f1-344f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7494880084349624413
accept-ranges
bytes
content-length
4911
expires
Fri, 24 Sep 2021 03:28:53 GMT
dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
s.isanook.com/sr/0/_next/static/chunks/ 		251 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a4dd6d1a338ee6666d4479f8a436bca06fb273c809c21e94f1da92cc0ca4ce06

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 10:00:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
256628
server
Lego Server
age
0
etag
W/"6127737e-3ea74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3638289507890366966
accept-ranges
bytes
content-length
19861
expires
Mon, 27 Sep 2021 10:00:52 GMT
ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:06:43 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
72123
etag
W/"6127737e-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16779451825567477820
accept-ranges
bytes
content-length
5447
expires
Sun, 26 Sep 2021 12:06:43 GMT
fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
180425af28d98940d88774e896fe688dcb33b41df94ac547989b4d41d6925f5c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:31:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13459
server
Lego Server
age
3
etag
W/"6127737e-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16913148022565392408
accept-ranges
bytes
content-length
4584
expires
Mon, 27 Sep 2021 13:31:20 GMT
36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:08:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
1
etag
W/"6127737e-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17324511724115000982
accept-ranges
bytes
content-length
3936
expires
Sat, 28 Aug 2021 08:08:52 GMT
8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
s.isanook.com/sr/0/_next/static/chunks/ 		205 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
c09778e8a6f52094885727d8c19f5ebad50b297fe9bc09431f2b04505b6c47b3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-335cc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1128438046054442289
accept-ranges
bytes
content-length
47225
expires
Sun, 29 Aug 2021 08:06:46 GMT
0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ab7a9e1dd7e6c7d5e3fa41ef5ff9c1fd12e0067c2b2875e6eb79a7bc6433658b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:37:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16660
server
Lego Server
age
1
etag
W/"6127737e-4114"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17411293162733552800
accept-ranges
bytes
content-length
4024
expires
Fri, 27 Aug 2021 13:37:49 GMT
ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
22243
etag
W/"6127737e-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6159052538642111046
accept-ranges
bytes
content-length
2691
expires
Sun, 29 Aug 2021 08:06:38 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0464387ee82b37e9d2fe2be926c1e42e5a05acf1bf319cbed950509071f16e8f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 09:30:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6852
server
Lego Server
age
3
etag
W/"6127737d-1ac4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4908798217497437950
accept-ranges
bytes
content-length
1920
expires
Sun, 26 Sep 2021 09:30:57 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 17 May 2017 08:37:40 GMT
server
Lego Server
etag
"591c0bd4-219"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4938239553460203601
accept-ranges
bytes
content-length
363
db04b7e80825ebbe7211052ca9638d056f74acc8-1.10.0.js
s.isanook.com/sr/0/js/izooto/ 		172 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.10.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac8eabec563ca7a5dbba47a05fcccbce4a38cf4dbdcf1c82d08312268044ff07

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 06:23:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
176694
server
Lego Server
age
166668
etag
W/"PSA-aj-jB1zUdS3bn"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13507102115579174289
accept-ranges
bytes
content-length
45759
expires
Wed, 22 Sep 2021 08:05:27 GMT
gtm.js
www.googletagmanager.com/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
560d336f09a1a9e4fd3e7ea57f537d001bf9203a0ee633f41d237ae9d90a77c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47321
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Aug 2021 02:58:36 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.110 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
fe4805d0c7438bd9feb48caf4c27f74c139b9a62d05a8470206bf2413c6d59dc

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:37 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz
Last-Modified
Thu, 26 Aug 2021 07:02:00 GMT
Server
NWS_Oversea_AP
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
max-age=604800
X-NWS-LOG-UUID
c7f1e7c6-3779-4806-b2cf-13512192a18e
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2943
Expires
Tue, 07 Sep 2021 02:58:37 GMT
a102.js
sal.isanook.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:38 GMT
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24035
Expires
Thu, 30 Sep 2021 02:58:38 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25996
x-xss-protection
0
pragma
public
x-fb-debug
mWsp+FKCwkOvxB0KEpktYpFxqC0O/VIZRuGrhET5sq/tTAeF2zQdNMDGle38MdkEdMD/tuk6SmwFnep7ShxPqg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 31 Aug 2021 02:58:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook.svg
s.isanook.com/sr/0/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:30:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:17 GMT
server
Lego Server
age
0
etag
W/"6127738d-1633"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
913789856394335549
accept-ranges
bytes
content-length
5683
expires
Sun, 26 Sep 2021 13:30:24 GMT
wetv-g.svg
s.isanook.com/sr/0/images/homewetv/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 13:38:07 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
89467
etag
W/"61277384-113a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
11719291198797704059
accept-ranges
bytes
content-length
4410
expires
Tue, 28 Sep 2021 13:38:07 GMT
base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 11:12:55 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 24 Aug 2021 06:14:44 GMT
server
Lego Server
age
0
etag
"61248e54-886c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
15517892534953331390
accept-ranges
bytes
content-length
34924
expires
Thu, 23 Sep 2021 11:12:55 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 13:37:36 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 25 Aug 2021 07:30:16 GMT
server
Lego Server
age
0
etag
"6125f188-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
3744500037968351744
accept-ranges
bytes
content-length
31376
expires
Fri, 24 Sep 2021 13:37:36 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 11:11:36 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:05 GMT
server
Lego Server
age
0
etag
"61277381-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14658939380194273620
accept-ranges
bytes
content-length
32244
expires
Tue, 28 Sep 2021 11:11:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
86128b9ba700cc30d262ef818d0b1abbf894cac03dc67b1cd5b191363ba9c265

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 04:49:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a0a4a-1d8e4b-5ca833535cea3"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=148612
accept-ranges
bytes
content-type
text/javascript
content-length
217378
expires
Wed, 01 Sep 2021 20:15:28 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7897bc9a4066b2205e3c1ded3a9abebeccdceac176a7caccf3ca3655a3a65a4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51718
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:36 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
396
date
Tue, 31 Aug 2021 02:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 31 Aug 2021 04:52:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14053
x-xss-protection
0
server
cafe
etag
9441931574288766250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Aug 2021 02:58:36 GMT
1489944661112333
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8c555832866fc44c6671f90cf1b7789d180cece706459e225fd64036124ebe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89312
x-xss-protection
0
pragma
public
x-fb-debug
ldKCjdNDdhjqVDI5V4BnIi36qxUjO6KcpQCkH/Tb6Sj32+duK3u2mmvy1K0iif24FmcPvCu9jj+t0Ii9sftrUg==
x-frame-options
DENY
date
Tue, 31 Aug 2021 02:58:36 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=1319978328.1630378716
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5309d5462505e21f1e3517d52a754090e785dd9068e0962b493d95c70e5b90dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40517
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:36 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1589978888&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&ul=en-us&de=UTF-8&dt=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1277947866&gjid=1208021525&cid=1319978328.1630378716&tid=UA-8147095-6&_gid=350280822.1630378716&_r=1&gtm=2wg8p0PNXLXRS&cd1=Mintra%20Tochoowong&cd2=S!%20News%20(Exclusive)&cd3=social&cd4=0&cd12=1630378716496.ef9mz0jb&cd13=%E0%B9%81%E0%B8%A1%E0%B9%88%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%AB%E0%B8%99%E0%B8%B6%E0%B9%88%E0%B8%87&cd14=%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%81%E0%B8%A1%E0%B9%88%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%AB%E0%B8%99%E0%B8%B6%E0%B9%88%E0%B8%87&cd15=8435186&cd16=editorial&cd17=2021-08-31&cd18=07%3A30&cd19=S!%20News%20(Exclusive)&cd21=2588&cd22=news&cd23=readpage&cd33=%E0%B9%81%E0%B8%A1%E0%B9%88%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%AB%E0%B8%99%E0%B8%B6%E0%B9%88%E0%B8%87%2C%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%81%E0%B8%A1%E0%B9%88%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%AB%E0%B8%99%E0%B8%B6%E0%B9%88%E0%B8%87%2C%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%A7%E0%B8%B1%E0%B8%84%E0%B8%8B%E0%B8%B5%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94%2C%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B8%AD%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%99%E0%B9%89%E0%B8%B3%E0%B8%A1%E0%B8%99%E0%B8%95%E0%B9%8C%2C%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B8%98%E0%B8%B9%E0%B8%9B%2C%20%E0%B8%A5%E0%B8%AD%E0%B8%95%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B8%B5%E0%B9%88%2C%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%2C%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%2C%20%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%2C%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%2C%20%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%2C%20lottery%2C%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%201%20%E0%B8%81.%E0%B8%A2.%2064%2C%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%201%20%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A2%E0%B8%B2%E0%B8%A2%E0%B8%99%202564%2C%20%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%A5%E0%B8%AD%E0%B8%95%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B8%B5%E0%B9%88%2C%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%94%E0%B9%88%E0%B8%A7%E0%B8%99%2C%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%A7%E0%B8%B1%E0%B8%99%E0%B8%99%E0%B8%B5%E0%B9%89%2C%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%B8%E0%B8%94%2C%20%E0%B8%AA%E0%B8%B1%E0%B8%87%E0%B8%84%E0%B8%A1&cd34=article&cd35=S!%20News%20(Exclusive)&cd36=social&cm5=1&z=4504720
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-8147095-6&cid=1319978328.1630378716&jid=1277947866&gjid=1208021525&_gid=350280822.1630378716&_u=aGDAAEACQAAAAC~&z=1121320845
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 31 Aug 2021 02:58:36 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=2oe8p0&_p=1589978888&sr=1600x1200&ul=en-us&cid=1319978328.1630378716&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&dt=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&sid=1630378716&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1630378716578&cv=9&fst=1630378716578&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7eacc62dc6aac904f6336909b56e5de062954de5bdffea3eb1205381baf9c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1065
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1630378716581&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&auid=916944617.1630378716&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d26acdb9070a67b6023e8ac4ea0eb433c597ca85721c25cb0f89adddb776a5aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1269
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/1007499765/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/privacysandbox/conversion/1007499765/?random=1630378716581&cv=9&fst=1630378716581&num=1&fmt=3&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&auid=916944617.1630378716&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8147095-6&cid=1319978328.1630378716&jid=1277947866&_u=aGDAAEACQAAAAC~&z=1414567356
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8147095-6&cid=1319978328.1630378716&jid=1277947866&_u=aGDAAEACQAAAAC~&z=1414567356
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&rl=&if=false&ts=1630378716645&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630378716644.2018961483&it=1630378716451&coo=false&exp=p0&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 31 Aug 2021 02:58:36 GMT
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1630378716578&cv=9&fst=1630375200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&async=1&fmt=3&is_vtc=1&random=3022940941&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1630378716578&cv=9&fst=1630375200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&async=1&fmt=3&is_vtc=1&random=3022940941&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&auid=916944617.1630378716&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3JotYeOYK4be7gO1sISABg&cid=CAQSKQCNIrLM3leUAid4XW_oBcKvgEumFUqWU1Q6sLTepS3UqrEMjcyLUeAI&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcMTSIa1FBA3R-8O1LlpJplrFWTJLsOrWE&random=1408118010&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=1029245931&cv=9&fst=1630378716581&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tiba=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99&auid=916944617.1630378716&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3JotYeOYK4be7gO1sISABg&cid=CAQSKQCNIrLM3leUAid4XW_oBcKvgEumFUqWU1Q6sLTepS3UqrEMjcyLUeAI&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgcMTSIa1FBA3R-8O1LlpJplrFWTJLsOrWE&random=1408118010&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.92.43 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-92-43.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=432495
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3217
Expires
Sun, 05 Sep 2021 03:06:52 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-86.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 30 Aug 2021 13:22:42 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
48955
etag
W/"1827f116c73f319409b97f10b8a58ade"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
0KxSZ_s2oMuyPdchDcTajn4CeMkva8Q4GXfclDSXx8XGwnY1mHgpDQ==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sanook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
3399
date
Tue, 31 Aug 2021 02:58:36 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=V2uv0HxNcXUrb2JleXhZSG5GeFpjSmFMWjdBSjJIaVJ0UEpIN3Ztc2p5K3FEenROVythdUN4c2JLT01PMmM1WFh6M2ZpTUJtUnE3emcrNzV6Y05VZ094clRGNU1qb2NkTkJTcnVyYmFyV1h1UVArUE5qdnQvaHFDbTRmSV...
344 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=V2uv0HxNcXUrb2JleXhZSG5GeFpjSmFMWjdBSjJIaVJ0UEpIN3Ztc2p5K3FEenROVythdUN4c2JLT01PMmM1WFh6M2ZpTUJtUnE3emcrNzV6Y05VZ094clRGNU1qb2NkTkJTcnVyYmFyV1h1UVArUE5qdnQvaHFDbTRmSVUrbXZ6SWk5emdsUFBRRC9POC9WeTFyeFlGNVFpMzFXSUxNUVlqNTI3MjZCVWFENlQ0RzNXbXlCdXZkRHBMSHV0V1FqdG85SUUyS2RWckswM0FBdSszWEZlZ1pqUEtGVlNLQUFzRDVpdTZRaW1jTktBU1FVPXw&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8272b272604f1866594b610450b7fe0ed9e36daed3a3d1d7ccc15f49bc3134ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 02:58:37 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2025
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 31 Aug 2021 02:58:36 GMT
location
https://mug.criteo.com/sid?cpp=V2uv0HxNcXUrb2JleXhZSG5GeFpjSmFMWjdBSjJIaVJ0UEpIN3Ztc2p5K3FEenROVythdUN4c2JLT01PMmM1WFh6M2ZpTUJtUnE3emcrNzV6Y05VZ094clRGNU1qb2NkTkJTcnVyYmFyV1h1UVArUE5qdnQvaHFDbTRmSVUrbXZ6SWk5emdsUFBRRC9POC9WeTFyeFlGNVFpMzFXSUxNUVlqNTI3MjZCVWFENlQ0RzNXbXlCdXZkRHBMSHV0V1FqdG85SUUyS2RWckswM0FBdSszWEZlZ1pqUEtGVlNLQUFzRDVpdTZRaW1jTktBU1FVPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3700
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c173a3c80e6dde8b7325baf95ddcb210c276eb19e809c44225d61c5e81b6d9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 375 of 1000 / last-modified: 1630361820"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24900
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:37 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryXqOFWxbgAck5mUT3

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 31 Aug 2021 02:58:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
goggen.php
lvs2.truehits.in.th/ 		91 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=CuWbUzHDeM577wtsGTbgow%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=4741E7EF.1&fp=d&fv=-&truehitspage=sanook.news.entry&truehitsurl=https%3a//www.sanook.com/news/8435186/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.110 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
no-cache
X-Daa-Tunnel
hop_count=2
X-NWS-LOG-UUID
2fd23042-73d4-4dd9-9596-e2e9203730bf
Connection
keep-alive
Content-Type
image/jpeg
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1630378717310&ns_c=UTF-8&cv=3.5&c8=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378717310&ns_c=UTF-8&cv=3.5&c8=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378717310&ns_c=UTF-8&cv=3.5&c8=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-86.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:37 GMT
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
9S1S1XQgeZnbLLCF_yANy78H7rEj-2ffkoEWUWJex7GRuCpv3XN-OA==

Redirect headers

date
Tue, 31 Aug 2021 02:58:37 GMT
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378717310&ns_c=UTF-8&cv=3.5&c8=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&c9=
content-length
641
x-amz-cf-id
h-M8COaBtp7WQAbw2a4Osqk2Ji5ADGAkXXAu6yQFO6QRo1ZE4JcJMg==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=V2uv0HxNcXUrb2JleXhZSG5GeFpjSmFMWjdBSjJIaVJ0UEpIN3Ztc2p5K3FEenROVythdUN4c2JLT01PMmM1WFh6M2ZpTUJtUnE3emcrNzV6Y05VZ094clRGNU1qb2NkTkJTcnVyYmFyV1h1UVArUE5qdnQvaHFDbTRmSVUrbXZ6SWk5emdsUFBRRC9POC9WeTFyeFlGNVFpMzFXSUxNUVlqNTI3MjZCVWFENlQ0RzNXbXlCdXZkRHBMSHV0V1FqdG85SUUyS2RWckswM0FBdSszWEZlZ1pqUEtGVlNLQUFzRDVpdTZRaW1jTktBU1FVPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1013
date
Tue, 31 Aug 2021 02:58:37 GMT
content-encoding
gzip
vary
Accept-Encoding
pubads_impl_2021083001.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
46ac864eaef04f0b4124dd8bda16a352d8287c4a9a8fa66bba86f5def26b3037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 08:40:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119248
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		561 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4b9e2d9cb3a553b04a4f89fa2b40485c31e04dcc0516589f7c1fb9f87a3435c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
209
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:37 GMT
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.92.43 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-92-43.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 01:29:24 GMT
Server
nginx/1.18.0
ETag
"5fa203f4-51a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=712391
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Wed, 08 Sep 2021 08:51:48 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.92.43 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-92-43.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2244137
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Sun, 26 Sep 2021 02:20:54 GMT
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
25f169a66c777e53abd3573e27ea82e831d19a77de55454d78b76208f720b7e2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 02:58:38 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
c8f7fe3b0e41be846d5687592cf2018ff6e22687.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/c8f7fe3b0e41be846d5687592cf2018ff6e22687.b1d1731c.chunk.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:44:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
7115
server
Lego Server
age
0
etag
W/"6127737e-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
3235238403272718253
accept-ranges
bytes
content-length
1665
expires
Sun, 26 Sep 2021 19:44:31 GMT
d65816b2.a003bd2feb83fe416733.js
s.isanook.com/sr/0/_next/static/chunks/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d65816b2.a003bd2feb83fe416733.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fcc942a675641c96eece079db85a189e972920be57c558bdd7272e5d78d53a4c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 02:17:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 25 Aug 2021 07:30:12 GMT
server
Lego Server
age
32916
etag
"6125f184-109d0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2578756054313525361
accept-ranges
bytes
content-length
21871
expires
Sat, 25 Sep 2021 02:17:35 GMT
/
avd.innity.com/dc/ 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=cc84b675709c4cfbdf09eb8c5a5090f7&cb=1630378718657&douid=&sess=218339595.225.1630378718656&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&srf=&pk=&pt=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:38 GMT
Last-Modified
Tue, 31 Aug 2021 02:58:38 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1630378718657
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1630378718657
  • https://avd.innity.com/sync/?partner=appnexus&token=4047021949935290411&type=cookie&itmcb=1630378718657
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=appnexus&token=4047021949935290411&type=cookie&itmcb=1630378718657
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Last-Modified
Tue, 31 Aug 2021 02:58:39 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
66b2a8a2-2502-4c32-be0c-be8d891a6759
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://avd.innity.com/sync/?partner=appnexus&token=4047021949935290411&type=cookie&itmcb=1630378718657
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=cc84b675709c4cfbdf09eb8c5a5090f7&type=cookie&itmcb=1630378718657
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:38 GMT
Last-Modified
Tue, 31 Aug 2021 02:58:38 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
123e19f2.8e7e22347c3c27645b2d.js
s.isanook.com/sr/0/_next/static/chunks/ 		376 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 10:04:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 25 Aug 2021 07:30:12 GMT
server
Lego Server
age
0
etag
W/"6125f184-5e0f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14436424467202366122
accept-ranges
bytes
content-length
108222
expires
Fri, 24 Sep 2021 10:04:46 GMT
a7e7d9dd.55546d0227557c116e7d.js
s.isanook.com/sr/0/_next/static/chunks/ 		276 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.55546d0227557c116e7d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 02:18:56 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 23 Aug 2021 00:48:47 GMT
server
Lego Server
age
6281
etag
"6122f06f-451df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18161262352610540670
accept-ranges
bytes
content-length
65813
expires
Wed, 22 Sep 2021 02:18:56 GMT
JooxPlayer.562c6a7a7301e93ec96a.js
s.isanook.com/sr/0/_next/static/chunks/ 		259 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.562c6a7a7301e93ec96a.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5a44bb0da76356746f2a4720dbdcb4c385e865b5a009f76fb252960532ccad17

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 10:52:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
265155
server
Lego Server
age
0
etag
W/"61248e51-40bc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
305028559116590925
accept-ranges
bytes
content-length
87444
expires
Thu, 23 Sep 2021 10:52:22 GMT
30cd56ec8b4292fd1d19f6bfd4b67b1689d06305.5088ec7e9c5bc8960645.js
s.isanook.com/sr/0/_next/static/chunks/ 		411 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/30cd56ec8b4292fd1d19f6bfd4b67b1689d06305.5088ec7e9c5bc8960645.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ba6c1060631a2610ac4bc8dbb565dc7fbea08f1a9295908cdf3baa7db0b1140a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 00:36:09 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
420519
server
Lego Server
age
640113
etag
"6120dc9f-66aa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6567450104041383662
accept-ranges
bytes
content-length
110828
expires
Mon, 20 Sep 2021 14:22:54 GMT
51.0d54ad8a7803dcd5f6a3.js
s.isanook.com/sr/0/_next/static/chunks/ 		1 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/51.0d54ad8a7803dcd5f6a3.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5e5e144f8aed55b696b3268a6cca042d5065429e557713c29d6bc73575dc6148

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:08:44 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
1446
server
Lego Server
age
0
etag
W/"6127737e-5a6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
904295127713469882
accept-ranges
bytes
content-length
662
expires
Mon, 27 Sep 2021 08:08:44 GMT
135.2eba835f7ab014c53a78.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/135.2eba835f7ab014c53a78.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4a419da4e15c1456d0144e6d56ca896ab3dbff1ae73892fa90f4129afa4fa6a0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:08:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-3196"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12494829281152652385
accept-ranges
bytes
content-length
2603
expires
Mon, 27 Sep 2021 08:08:48 GMT
set
appx.sanook.com/counter/ 		45 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appx.sanook.com/counter/set?site_name=news&entry_id=8435186&t=1630378718739&callback=jsonp_1630378718918_20627
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.128.145 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
145.128.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
83b28f21efb067ab703e279905c471d2fd252b993dde8645cab0ff2a8e7e0d2a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
s-maxage=10
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
responsive-voice-1.0.3.min.js
s.isanook.com/sr/0/js/voice/ 		90 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 06:44:06 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
92456
server
Lego Server
age
0
etag
W/"6127738d-16928"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14145827103520812958
accept-ranges
bytes
content-length
22234
expires
Mon, 27 Sep 2021 06:44:06 GMT
/
graph.facebook.com/ 		202 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/2be0d319d819306fce97e874e470fd03e07f4c5e.9000108fae36569ab5d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004330561
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
150
x-fb-rlafr
0
proxy-status
http_request_error; e_clientaddr="AcLDvunuL47abmgRgAN1WHIEYJpkeyKENrY5of1ikasz__1jiPC9uP9oxdLZa-DhrS1VB5elH2fGF9i92Cf6BKIfRXq45dxBprK_BnqfZw"; e_fb_binaryversion="AcKi62b1y_OByBjs_zkf_nLBJDgzNM3djsSo1kfYboohRfJV3wBiR7B6s9OU65R6x1enwefgSeb8pja8XKBsBRWt5tPmW-tmUOY"; e_upip="AcKw70zR5OhD4omTO25hK4jbUDK_m7Wn9X9VElr6VPfXf4r5tcWSsMklMM3AONH32st9BKyU4ti8DI9d4FpMLcHYlZxziB1e"; e_proxy="AcLBEHWuEG0BjukhHR4I2pburhqBB6jmEX7u9aC3-GDeHKTVugXKM64nPhPcCBx1T1jCX8KULH9dEtKHCd2x"; e_fb_builduser="AcL8wt46vlhw4rlVxKhv9k8_Pcv395psOrw_Nu1Jwl_eqYgkkYw8VnUrDuYdAT-eluE"; e_fb_vipaddr="AcJmoXTP9mH1J2RAiPIKPr5SUNXsPr7dHMWG-T001AuKtoTXCLF5XQOMxG5SifaUhx1NGMBuoKip06QfnQD8HiUR2RIUKzJ-2w", http_request_error; e_clientaddr="AcL9goFf6W6E7lIrYysylG_swrSW46XCiFhkqefxnDbf3Pf7f773xstUQlokW_tew2GnmRTZRzW1wvbj-_ZtEv1WsXNgyQ"; e_fb_binaryversion="AcLKNS1-Tj5z8hYj56JQVKQoUW5WhMJlZ0W1q50c6jnVmNMqZbLc9xUVczPfAb-TZvdrfTKnk0UmHlZ00RE_DSvVK-lDDcc9WJs"; e_upip="AcLzNqdsDKquMA2U-vG6vgSCF90x07hankg-t6WFSPd7H7JHFFYM0YiYRQs1VGZ8AabTiDtwGo4D7qj6MAOqGUnBXMyOvB7Hwg"; e_proxy="AcJJeVVmkWPywY0QqGUgUzEE9m-pIEfjzDTzw8DNEArbjlQmm4GRxWyPFiwCPLqQ6G7ZWzBJBWxannUa"; e_fb_builduser="AcLGrN7QhU7IWzkY77SgSMIpnZCbazOPGOQSP3JEA5ijytSImn8kkGjIpkPvYoXdqhs"; e_fb_vipaddr="AcLY7cbPjwfHHefKYt2xtJOFRHNnUtUHVM82EOnRFU--sp4fiG00DnZYGLnZGMu3CrHewJGD4Y5IUxVWIZrppbpTzuTo3Vzu"
pragma
no-cache
x-fb-debug
XXgemtASHlm+CMZKjdRDfDJ04Mwnf/d1gkEMXnat+KyahWUjMC4QUSKfJXqXGk5ZuTJNYm1m97ySAYlpfQIjqA==
x-fb-trace-id
GeHpJz5jbg1
date
Tue, 31 Aug 2021 02:58:39 GMT
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A6IUzeB9VhXjZVgcv0POQ9T
cache-control
no-store
facebook-api-version
v4.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.38ab518807e1832795dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61eaa2b6f8c640a70c883f049470e20855f7c63da9c0cf60aa1fbc12547ad905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YJUnrAxSSEdlN/ywI6WLBA==
cross-origin-resource-policy
cross-origin
expires
Tue, 31 Aug 2021 03:17:09 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
DkvvXxEFBL4Y8NVVMSbRXPY2wDVRdaHMXhUuLaJnE081AuR3rh/5J1FHwgnYh0hj7l+wJtJAd4iRuUwac2ckZQ==
x-fb-trip-id
917726464
x-fb-content-md5
e5b9f64d96886a731d3bc40621e70ebc
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 31 Aug 2021 02:58:38 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e9b9df9b37c5fb92707eba9588e64f9a"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 56B5 		236 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method
GET
:authority
p3.isanook.com
:scheme
https
:path
/jo/0/mu/evt/_cross_storage/ex/hub.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Tue, 31 Aug 2021 02:57:59 GMT
x-page-speed
1.13.35.2-0
age
39
accept-ranges
bytes
content-encoding
gzip
cache-control
no-cache, max-age=0
content-length
192
x-nws-log-uuid
12491172937127082318
server
Lego Server
x-cache-lookup
Cache Miss
/
api.u1sf.com/geoip2/code/ 		156 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.u1sf.com/geoip2/code/?callback=jsonp_1630378718936_85865
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.5 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
5.134.151.203.sta.inet.co.th
Software
/
Resource Hash
03751176989e20356e4d788db1a9eb6340fece610059ff1a584327b619771e3b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
public
Date
Tue, 31 Aug 2021 02:58:40 GMT
Age
0
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=900, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
144.14a6f51ec29957552ebc.js
s.isanook.com/sr/0/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/144.14a6f51ec29957552ebc.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
463952328dcbdef613d1c70cf251d9dc381db488f60e4bf3ccc19ec73afd127f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 23:15:56 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 25 Aug 2021 07:30:11 GMT
server
Lego Server
age
52360
etag
"6125f183-12a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
38715586717144574
accept-ranges
bytes
content-length
1753
expires
Fri, 24 Sep 2021 23:15:56 GMT
49.5509d3dd3e0e24d14934.js
s.isanook.com/sr/0/_next/static/chunks/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/49.5509d3dd3e0e24d14934.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fe51be74fadc05d383c935ebb5082a288dc185e3da08fc18e0f38214b6b55ef3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 17:26:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-2ba8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1377988806528143812
accept-ranges
bytes
content-length
1824
expires
Sat, 25 Sep 2021 17:26:15 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.json
s.isanook.com/sh/0/ad/ 		142 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/ads.json?v=13586489
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:14:14 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 02 Nov 2020 03:55:07 GMT
server
Lego Server
age
0
etag
"5f9f831b-8e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14777635235293316777
accept-ranges
bytes
content-length
142
expires
Wed, 29 Sep 2021 03:14:14 GMT
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=45623084422
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=91523156803
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=783557502
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=13530072373
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
abbreviationv2.min.json
s.isanook.com/sr/0/textToSpeech/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/textToSpeech/abbreviationv2.min.json?t=31082021
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:14:10 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 25 Aug 2021 07:30:34 GMT
server
Lego Server
age
0
etag
"6125f19a-38e8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2871017030172309522
accept-ranges
bytes
content-length
2550
expires
Sat, 25 Sep 2021 04:14:10 GMT
widget-sanookcom-news.js
code.th.giraff.io/data/ 		197 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.th.giraff.io/data/widget-sanookcom-news.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/5a06b70ae33e96b53e8232bd260bc1b13eff74ad.03303b89d1895002b2ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae4cac950d588663fe65c25cdb64f9dc56f7cc91ba97da63b134fb97d2ae7fd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Aug 2021 10:05:14 GMT
server
cloudflare
age
20
etag
W/"6124c45a-31217"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6872ff9478114ec1-FRA
expires
Tue, 31 Aug 2021 02:59:19 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=515525900&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&dp=%2Fnews%2F8435186%2F&ul=en-us&de=UTF-8&dt=%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B9%80%E0%B8%A5%E0%B8%82%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%94%E0%B8%87%E0%B8%A7%E0%B8%94%E0%B8%99%E0%B8%B5%E0%B9%89%20%E0%B8%81%E0%B9%88%E0%B8%AD%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%81%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%E0%B8%87%E0%B8%A7%E0%B8%94%201%2F9%2F64&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SAAAAAABC~&cid=97499524.1630378719&tid=SA-8147095-6&cd4=0&cd8=b&z=512051135
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
category.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		0
149 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/category.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:24:09 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:01 GMT
server
Lego Server
age
0
etag
W/"6127737d-aaa96"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10777060931774379002
accept-ranges
bytes
content-length
152217
expires
Sat, 25 Sep 2021 11:24:09 GMT
dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 10:00:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
256628
server
Lego Server
age
0
etag
W/"6127737e-3ea74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9778963962019283085
accept-ranges
bytes
content-length
19861
expires
Mon, 27 Sep 2021 10:00:52 GMT
ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:06:43 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
72123
etag
W/"6127737e-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3951371829951211151
accept-ranges
bytes
content-length
5447
expires
Sun, 26 Sep 2021 12:06:43 GMT
fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:31:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13459
server
Lego Server
age
3
etag
W/"6127737e-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7374980287258059934
accept-ranges
bytes
content-length
4584
expires
Mon, 27 Sep 2021 13:31:20 GMT
36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:08:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
1
etag
W/"6127737e-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1294736087653567234
accept-ranges
bytes
content-length
3936
expires
Sat, 28 Aug 2021 08:08:52 GMT
8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
46 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-335cc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15693699541889185727
accept-ranges
bytes
content-length
47225
expires
Sun, 29 Aug 2021 08:06:46 GMT
0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:37:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
16660
server
Lego Server
age
1
etag
W/"6127737e-4114"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9613637596713858675
accept-ranges
bytes
content-length
4024
expires
Fri, 27 Aug 2021 13:37:49 GMT
e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8796698112570903955
accept-ranges
bytes
content-length
8443
expires
Sat, 25 Sep 2021 11:00:53 GMT
ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
22243
etag
W/"6127737e-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3628479419518553056
accept-ranges
bytes
content-length
2691
expires
Sun, 29 Aug 2021 08:06:38 GMT
62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 13:35:04 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
29385
server
Lego Server
age
0
etag
W/"6127737e-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7242730615802573757
accept-ranges
bytes
content-length
5322
expires
Tue, 28 Sep 2021 13:34:54 GMT
13a412d4f6bd19a220ad2c4dc17e4a3895606f9f.9198c675175b2807bbec.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/13a412d4f6bd19a220ad2c4dc17e4a3895606f9f.9198c675175b2807bbec.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 08:10:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13172
server
Lego Server
age
24201
etag
W/"6127737e-3374"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13281148596515139141
accept-ranges
bytes
content-length
3217
expires
Sun, 26 Sep 2021 01:18:52 GMT
category.js.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/static/San4Xsdy9aLUgv4S5czLl/pages/common/category.js.b1d1731c.chunk.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:04:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6020788957803077744
accept-ranges
bytes
content-length
1707
expires
Sat, 25 Sep 2021 11:04:07 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=16%2C65%2C67%2C198&rf=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tg_i.dfp_ad_unit_code=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Finviewarticle&tg_i.pbadslot=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Finviewarticle&tk_flint=pbjs_lite_v4.33.0&x_source.tid=67034615-1d25-42b1-9fcf-6d5dd566711d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3099605689941223
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d14ebb53fe6ab2ff75fed70e5c65265b05e1247e763c3519b2c930e44cf7b8f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
420
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8b64b79dda8d774d63b1af9c94082312ba6f94472df616f30345fd0d14197aaa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2b271fd4-d07c-47c7-b570-f72deef7dc34
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:58:39 GMT
cygnus
htlb.casalemedia.com/ 		24 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213c750256edb7d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214ca96f21099f58%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22640x480%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22152ba1e04cce63c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216b20c26a67688d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22640x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221720743f73b36ac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218afb25e7b941d3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22320x480%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A480%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c15422fde5b41648d49cbe2275e8fb3189c3dd669f788483204d97dae39c321d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:58:39 GMT
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
arj
tencentth-d.openx.net/w/1.0/ 		172 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=67034615-1d25-42b1-9fcf-6d5dd566711d&nocache=1630378719070&aus=640x480%2C300x250%2C640x360%2C336x280%2C320x480&divIds=rgpt-inviewarticle-8&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
2e1163d82a6d11895815dbb568079ea1a7bc7750e0e1dd16512508c3417a0061

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		230 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=36e03e012d8bdc7b1733b1ef033d0c67
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d41b563ada9a172c523d64623347f1014d31637f1889e6863367c6d51eec78f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
rUA8jnQOPMKC+zS77kmd0Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68322
x-fb-rlafr
0
x-fb-debug
vh0Cv+B3v1NsOR0BMA7x30TYopXVd+qjCwxK2Ru1nHXtzfiVZlXom8Bga/ACeD3S/aKQCXI8CtVZV410bI4QKg==
x-fb-content-md5
4806ba1f4e615405aab52fb6d5c44e3e
x-frame-options
DENY
date
Tue, 31 Aug 2021 02:58:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3e33675ca29e9c2b19168e1ce7d701c6"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 31 Aug 2022 01:19:15 GMT
617.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.186 Sheridan, United States, ASN16276 (OVH, FR),
Reverse DNS
p06.id5-sync.com
Software
/
Resource Hash
bed535e75d7dba5faa419ee99d7649ad132a2fff008c07c84887e904aae78ddc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Tue, 31 Aug 2021 02:58:39 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		77 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c5ae339001ea35b2ac8a76d3463e2340f2cd2514581215421519af2b42ef326b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.25.107
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ 		109 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
ae78732b0174bbedb17ffb7d1f16e9f7fdcc272760e6eac5663f74c345a3a5e6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 30 Sep 2021 02:58:39 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 56B5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
10777286980386983860
accept-ranges
bytes
content-length
2483
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650423137310197&correlator=4291468372959536&output=ldjh&impl=fif&eid=31062367%2C31062435%2C31062438%2C44748552%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Csocial%2Creadpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dnews%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2Cnews-2015%2Csanook-news-exclusive%2Csocial%26subcategory%3Dhilight-politic%2Chilight-index-social%2Chilight-social%26tags%3D%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2584%25E0%25B8%258B%25E0%25B8%25B5%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%2587%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25A1%25E0%25B8%2599%25E0%25B8%2595%25E0%25B9%258C%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%2598%25E0%25B8%25B9%25E0%25B8%259B%2C%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2Clottery%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581.%25E0%25B8%25A2.%252064%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%25A2%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2599%25202564%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A5%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%25B8%25E0%25B8%2594%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%2587%25E0%25B8%2584%25E0%25B8%25A1%26partner%3Dsanook-news-exclusive%26entry_id%3D8435186&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630378719&dt=1630378719287&dlt=1630378715334&idt=2645&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4264991586&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1319978328.1630378716&ga_sid=1630378719&ga_hid=1589978888&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bf8f1270e4fd19c15a5124f7cbbd1c04768916149fcde2bb6932d2a1a7ba747a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7969
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336206208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 432D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:58:39 GMT
expires
Wed, 31 Aug 2022 02:58:39 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575408&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22259e1dd196ec0d5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226ea6e809395b26%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2227fa4f251c789c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e98ddc5a2fdd909b117ee2484be3b54f1e3eccc18e44e9cf88dbc2a96ffb4410

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:58:39 GMT
/
as.innity.com/synd/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1630378719302&ver=2&hb=1&output=js&pub=413&zone=64738&url=https%253A%252F%252Fwww.sanook.com%252Fnews%252F8435186%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=29179c87bfd461a&auction=acccee5b-03ac-4ca2-a790-fa59b9e5a6e8
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
25b05137ee5f13c74e003f5caa99ed84778cec13bdf845c74fa28e62789d1741

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 02:58:40 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
846
Expires
Sat, 03 Sep 1983 02:00:00 GMT
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136924&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
42a4652c-52ad-495b-9590-52dbf8ede17c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:58:39 GMT
arj
tencentth-d.openx.net/w/1.0/ 		172 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a1c7030a-974c-4e7f-9eec-294473c6f7a9&nocache=1630378719305&ttduuid=103b18c4-d82b-45d3-b324-37cc26225d2a&aus=728x90%2C468x60&divIds=rgpt-leaderboard-3&auid=542511416
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
f7f800828767f52f45419f4282f09bc06af7d6564742409b491236ae30f15c29

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		395 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=2&alt_size_ids=1&tpid_tdid=103b18c4-d82b-45d3-b324-37cc26225d2a&eid_adserver.org=103b18c4-d82b-45d3-b324-37cc26225d2a&rf=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tg_i.dfp_ad_unit_code=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Fleaderboard&tg_i.pbadslot=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Fleaderboard&tk_flint=pbjs_lite_v4.33.0&x_source.tid=a1c7030a-974c-4e7f-9eec-294473c6f7a9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6742414672918178
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5091ccddc911eda04d7e5f42dd92550b526d21db1f44fe946ea66598e5e05186

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
395
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 26 Aug 2022 02:58:39 GMT
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 26 Aug 2022 02:58:39 GMT
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2242b7f99258c1b91%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2243093b8aeab8fc3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224492e560584e4f1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245cad18ca21e57b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224682f949b59b12c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22befe8ed8176cb89cbde1a4f93adce4bddb8de0a8e703f2c15366e6da968070

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:58:39 GMT
/
as.innity.com/synd/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1630378719316&ver=2&hb=1&output=js&pub=413&zone=64696&url=https%253A%252F%252Fwww.sanook.com%252Fnews%252F8435186%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=48b1f7188d4991e&auction=c1c07d1f-25df-45cf-83b9-f2f9296b45ea
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
e4edca477a3e92e3bf8b32baa35f82f864afd66745cb5a63514f3d1d5a0ca9f3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 02:58:40 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
845
Expires
Sat, 03 Sep 1983 02:00:00 GMT
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=43&tpid_tdid=103b18c4-d82b-45d3-b324-37cc26225d2a&eid_adserver.org=103b18c4-d82b-45d3-b324-37cc26225d2a&rf=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tg_i.dfp_ad_unit_code=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Freca&tg_i.pbadslot=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Freca&tk_flint=pbjs_lite_v4.33.0&x_source.tid=5490625d-428e-4905-9173-60ef1ecc67a5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10496780000410832
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
db33c4f990fbf4b25e7253b949eac346a83095d82af2ebfc72574c861a87a2c5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
402
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
tencentth-d.openx.net/w/1.0/ 		172 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5490625d-428e-4905-9173-60ef1ecc67a5&nocache=1630378719319&ttduuid=103b18c4-d82b-45d3-b324-37cc26225d2a&aus=300x250%2C320x50%2C257x240%2C300x125&divIds=rgpt-reca-4&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
71ab8fc9615cfb5a1ac40096ff608cd2a3f59f0b9b568431771184c9859dab07

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5f50417a-ca01-44ff-a347-e32d9d6875bf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:58:39 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ed4ec8d1-0b03-40ef-b287-b5a84063d338
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
as.innity.com/synd/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1630378719329&ver=2&hb=1&output=js&pub=413&zone=64717&url=https%253A%252F%252Fwww.sanook.com%252Fnews%252F8435186%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=641cfc762cbfa0b&auction=db74c877-9280-45df-8f75-1063fb606835
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
54718d25d78e639528a3d10739e66f99e5c86d02bedef6bb62149a3607caff87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 02:58:40 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
844
Expires
Sat, 03 Sep 1983 02:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
tencentth-d.openx.net/w/1.0/ 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c9cdd9ff-736e-4596-a8ea-a264a52a259c&nocache=1630378719330&ttduuid=103b18c4-d82b-45d3-b324-37cc26225d2a&aus=300x250%2C300x600%2C160x600%2C120x600%2C240x400&divIds=rgpt-tower-5&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4029e1cbbdd21124af3f32b42c297fc5420f64c899dce2a11b7fdbba17916688

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22697873deee2ac8a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22706f55624a1e363%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227197446f00c5b05%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2272d626265c6eae7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227341b15401a67bb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2274a2af586a70c3d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22240x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c66d3c1707ef5a6d8aa22fadd8fb728fe74a0fb33c0a8b50506b56d0f1ded0a1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:58:39 GMT
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:58:39 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		404 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=9%2C8%2C10%2C17&tpid_tdid=103b18c4-d82b-45d3-b324-37cc26225d2a&eid_adserver.org=103b18c4-d82b-45d3-b324-37cc26225d2a&rf=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tg_i.dfp_ad_unit_code=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Ftower&tg_i.pbadslot=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Ftower&tk_flint=pbjs_lite_v4.33.0&x_source.tid=c9cdd9ff-736e-4596-a8ea-a264a52a259c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1656036531851357
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d151a6f61a6cce18812403026b537f78c196150373c6d2b81ec299bd7b99c30c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
404
Expires
Wed, 17 Sep 1975 21:32:10 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		483 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650423137310197&correlator=3177027451520672&output=ldjh&impl=fif&eid=31062367%2C31062435%2C31062438%2C44748552%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Csocial%2Creadpage%2Cinviewadrequest&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C640x360&prev_scp=category%3Dnews%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2Cnews-2015%2Csanook-news-exclusive%2Csocial%26subcategory%3Dhilight-politic%2Chilight-index-social%2Chilight-social%26tags%3D%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2584%25E0%25B8%258B%25E0%25B8%25B5%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%2587%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25A1%25E0%25B8%2599%25E0%25B8%2595%25E0%25B9%258C%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%2598%25E0%25B8%25B9%25E0%25B8%259B%2C%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2Clottery%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581.%25E0%25B8%25A2.%252064%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%25A2%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2599%25202564%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A5%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%25B8%25E0%25B8%2594%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%2587%25E0%25B8%2584%25E0%25B8%25A1%26partner%3Dsanook-news-exclusive%26entry_id%3D8435186&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630378719&dt=1630378719347&dlt=1630378715334&idt=2645&frm=20&biw=1600&bih=1200&oid=3&adxs=1200&adys=1400&adks=2370829461&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=400x-1&msz=400x-1&ga_vid=1319978328.1630378716&ga_sid=1630378719&ga_hid=1589978888&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2168533bbcfe77296498d9ffd15e154f6d18f1e0e9a4083ce9c52286c8e96b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1A9D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4047021949935290411
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 31 Aug 2021 02:58:39 GMT
Age
79987
X-Served-By
cache-lga21926-LGA, cache-cdg20728-CDG
X-Cache
HIT, HIT
X-Cache-Hits
3, 512854
X-Timer
S1630378720.662129,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D2BD 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70652
expires
Tue, 31 Aug 2021 22:36:11 GMT
date
Tue, 31 Aug 2021 02:58:39 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2734 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70652
expires
Tue, 31 Aug 2021 22:36:11 GMT
date
Tue, 31 Aug 2021 02:58:39 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DB07 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.7.65 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-7-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KSZHE6WS-1J-8F6Y; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4WPGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses15=; vis15=385176^1; audit=1|naVuGyos1qploq6DvkmhKkXCma7a0HRK3gerHkdQ2/Ai9JXMhp4MPlnZjrHq0R7Zcpj76PKZXj/hk5WIOeCMzHFfTQMKoUsP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Aug 2021 02:58:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
like.php
www.facebook.com/v2.9/plugins/ Frame C2F1 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe898f367c09dc%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff443e6937e526%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=36e03e012d8bdc7b1733b1ef033d0c67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe898f367c09dc%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff443e6937e526%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbxbs.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
YaPHr93e2jkHWs6uS7fzT9zcC5quEvCUDm54meBJNlg+kzWlyNTxFkEjM14l5rqwb9n1Lq39vdoDsRHec0fjug==
content-length
0
date
Tue, 31 Aug 2021 02:58:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
PugMaster
image6.pubmatic.com/AdServer/ Frame D2BD 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98196555&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
286165058d81e5000553b0363df366875623cc662ea4e2d285e399b267e78f3b

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame DB07 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.7.65 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-7-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
131b1d50ab454a7d5dbec1d9e95cfa391a3df469098a5675f41771b68575f30d

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54343
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9357
Expires
Tue, 31 Aug 2021 18:04:22 GMT
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:58:39 GMT
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%228343393312ba502%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2284d976535eb5f36%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22856956e1e633997%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22862524ef2a080b3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6b92d79711a9cdc74b7dbc3732697dd3fed08458ed92915d4e59183e64fcab7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:58:39 GMT
translator
hbopenbid.pubmatic.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1e0ee3c9c55e783ff1f0df953b235363c004ff40fc433ba5d085b1fc8aaad235

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		392 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=57&tpid_tdid=103b18c4-d82b-45d3-b324-37cc26225d2a&eid_adserver.org=103b18c4-d82b-45d3-b324-37cc26225d2a&rf=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&tg_i.dfp_ad_unit_code=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Fbillboard&tg_i.pbadslot=4899711%2Fnews.sanook%2Fdesktop%2Fsocial%2Freadpage%2Fbillboard&tk_flint=pbjs_lite_v4.33.0&x_source.tid=35c32238-0f85-4b7c-aad7-a7cdbbdd9062&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.039442639278014946
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f37b1db68cffaa70e3a8f2ae9df52d0b2175543fa9603d05556c81fd9564ecbf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
392
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9fca213e-2fb0-44e2-b480-9401ae81620d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
rtb-eu.andbeyond.media/ 		32 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
arj
tencentth-d.openx.net/w/1.0/ 		172 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=35c32238-0f85-4b7c-aad7-a7cdbbdd9062&nocache=1630378719564&ttduuid=103b18c4-d82b-45d3-b324-37cc26225d2a&aus=1130x250%2C1090x250%2C970x250&divIds=rgpt-billboard-7&auid=542511408
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
181c45ddbce77208ff117d9ba2a408246a4f430fa273d4f0893e722939bbba0a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
as.innity.com/synd/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1630378719565&ver=2&hb=1&output=js&pub=413&zone=68097&url=https%253A%252F%252Fwww.sanook.com%252Fnews%252F8435186%252F&width=1130&height=250&vpw=1600&vph=1200&callback=json&callback_uid=980e97990f871d3&auction=fe52d986-9964-47c5-96a2-ca4f045fc091
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4c0d1635c2f06d486e469fdd124f8162c52823ba5836252b7ed669a7c7c09bc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 02:58:40 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
810
Expires
Sat, 03 Sep 1983 02:00:00 GMT
33b33a71-d3f3-4823-bc9e-a8f432e220fd
https://www.sanook.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/33b33a71-d3f3-4823-bc9e-a8f432e220fd
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame FDB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUROPKtDBoynIw_E6Y_BJy_qdvwQhSiHZnF1_mi91NjL1dmu_K_bviwYSUiykVMLjbubcfuloxuhA5XHIE3I0Ktm8As11lBbeRp3x15HzBZn1oN_m0GbLU9089PxnasHGR0GqDwrftDjo_Z2AwpwvXVTxdZIf7hkNehemAwpytEzESnp20i7Lmb4xDhl6DZX3m3G_R5wtX2swQbBbY2souZqfXoQOhQEyD8Kjj46yFJH-TYhKwz4-EMr0lHqFS9dnBNfm0zl9jDq9UygUEeyd6Pzx9_PnnOQ2wf7eJXMY7QtuCAEOjgxWSjlkq6EUDR-dEXWNipF7eIh1c4hDhMf5v-8WJF1G4e8M&sai=AMfl-YRNAoHK7Dp_KomyAInRJupi2YV65BeHmsWI9Rhm9xJeYDj5abjtX4p4NBHjEzTE65e2RVDgE-eCu6gJ_qC-E3R9nWwyxLlvdHQSr0LFl8r3RUJc5cg33tvB3UBMeCo&sig=Cg0ArKJSzDG2mUB7Jgq1EAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:58:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FDB4 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
9fcacc14bc2882b3699532796f84cf4d09fd4a10fe28595e45f15b579b1d454c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 633 of 1000 / last-modified: 1630361685"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25234
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FDB4 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:39 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:39 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		89 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650423137310197&correlator=673244344334209&output=ldjh&impl=fif&eid=31062367%2C31062435%2C31062438%2C44748552%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Csocial%2Creadpage%2Cinviewarticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C300x250%7C640x360%7C336x280%7C320x480&prev_scp=category%3Dnews%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2Cnews-2015%2Csanook-news-exclusive%2Csocial%26subcategory%3Dhilight-politic%2Chilight-index-social%2Chilight-social%26tags%3D%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2584%25E0%25B8%258B%25E0%25B8%25B5%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%2587%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25A1%25E0%25B8%2599%25E0%25B8%2595%25E0%25B9%258C%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%2598%25E0%25B8%25B9%25E0%25B8%259B%2C%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2Clottery%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581.%25E0%25B8%25A2.%252064%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%25A2%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2599%25202564%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A5%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%25B8%25E0%25B8%2594%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%2587%25E0%25B8%2584%25E0%25B8%25A1%26partner%3Dsanook-news-exclusive%26entry_id%3D8435186&eri=1&cookie=ID%3D040b4a3ec4fa0e2e-22fc53c2dcc80022%3AT%3D1630378719%3AS%3DALNI_MbXRdEmg5GlrpJmPEVSRpM9Mavj0Q&bc=31&abxe=1&lmt=1630378719&dt=1630378719595&dlt=1630378715334&idt=2645&frm=20&biw=1600&bih=1200&oid=3&adxs=299&adys=3985&adks=3847183792&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&psts=AGkb-H_9U_7rROyIqrLUTTIjPbsv2-G-IQKKNg7t3k2LY7hEbOrz-O_uV1ZmHih31F5jRPa73YtSsl_u4xREomw_GBegVSgU3jdwdCcdmpOpYpffwCOzo4Gd2b0&ga_vid=1319978328.1630378716&ga_sid=1630378719&ga_hid=1589978888&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a562490a96851c1f77bd1d7642f8ea9393080cc5a841060f95ed0db6a76f527e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22441
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 438E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 02:58:39 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 9F80 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
0f79581e76662fc3566b2aa83867812c0bc33a8e619a7b38c79ece3a8e261f9a

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719; Version=1; Expires=Wed, 31-Aug-2022 02:58:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630378719|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 02:58:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 02:58:39 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pd
eu-u.openx.net/w/1.0/ Frame B5CC 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
0f79581e76662fc3566b2aa83867812c0bc33a8e619a7b38c79ece3a8e261f9a

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719; Version=1; Expires=Wed, 31-Aug-2022 02:58:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630378719|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 02:58:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 02:58:39 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pd
eu-u.openx.net/w/1.0/ Frame AA43 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
0f79581e76662fc3566b2aa83867812c0bc33a8e619a7b38c79ece3a8e261f9a

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719; Version=1; Expires=Wed, 31-Aug-2022 02:58:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630378719|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 02:58:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 02:58:39 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pd
eu-u.openx.net/w/1.0/ Frame 8C22 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
0f79581e76662fc3566b2aa83867812c0bc33a8e619a7b38c79ece3a8e261f9a

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=e7816fd2-8aef-0e55-38fd-c47fdce1f36d|1630378719; Version=1; Expires=Wed, 31-Aug-2022 02:58:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630378719|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 02:58:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 02:58:39 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ixmatch.html
js-sec.indexww.com/um/ Frame BD96 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 02:58:39 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 6B24 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 02:58:39 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame BB72 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 02:58:39 GMT
Connection
keep-alive
advert.gif
code.th.giraff.io/data/ 		34 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
cf-cache-status
HIT
age
51
cf-polished
origFmt=gif, origSize=43
content-disposition
inline; filename="advert.webp"
content-length
34
last-modified
Wed, 19 May 2021 11:32:00 GMT
server
cloudflare
etag
"60a4f730-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 31 Aug 2021 02:58:47 GMT
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6872ff95c96c4ec1-FRA
cf-bgj
imgq:85,h2pri
sanookcom-news.js
data.th.giraff.io/track/ 		78 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/track/sanookcom-news.js?r=&u=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&rand=0.5969005371389289&v=1_97_0&vis=1&callback=cbGeo333093510&sp=h
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.58.177.16 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
c17b35a232e3339db946b717c561dbd2ff51d690a5cd5337fceff3db1d92d934

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8, application/javascript
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1NDcwL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMikuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1NDcwL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMikuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
01d581ca675069c9743845725f5bca0f3fcfe3b55ece5605c53d7196d658d0a1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 08:47:22 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5115143619495534138
accept-ranges
bytes
content-length
27001
expires
Wed, 29 Sep 2021 08:47:22 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1NTk4L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1NTk4L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a746d91d960f078de71f6b4883764a7c1ed2171108bb8640148b6c7b24b4cd27

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 23:12:53 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12129864262985674164
accept-ranges
bytes
content-length
27617
expires
Wed, 29 Sep 2021 23:12:53 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MjA2L2NvY2VyLmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4Ny84NDM1MjA2L2NvY2VyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9784403bcb17571aac530afddf7fe9943d599301afc8d4797c9683549c5c9455

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:22:22 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4349623780502090132
accept-ranges
bytes
content-length
8943
expires
Wed, 29 Sep 2021 03:22:22 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4NS84NDI1OTcwL2FsbC1sb3R0by1uZXdzLmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4NS84NDI1OTcwL2FsbC1sb3R0by1uZXdzLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1bdfa9c643993d597a387f3d55294f33ea9da79a205c31237b14bf0075d77835

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 08:13:08 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-P9o43XY682"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9437859910668782167
accept-ranges
bytes
content-length
10908
expires
Fri, 24 Sep 2021 08:13:08 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4NS84NDI1ODIyLzEuanBn.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4NS84NDI1ODIyLzEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
22db0197299c101eff614413ae53f2e9b440634500d2d084e47ad269ae247dbe

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 14:43:15 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7040616766354818163
accept-ranges
bytes
content-length
10417
expires
Mon, 27 Sep 2021 14:43:15 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame DB07 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DB07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEU2V1MtMUotOEY2WQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEU2V1MtMUotOEY2WQ==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEU2V1MtMUotOEY2WQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame DB07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHE6WS-1J-8F6Y&sigv=1&esig=2~b5a38925fcf3ad9ef3ffd0f6f7927d8a7a6a49cb
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHE6WS-1J-8F6Y&sigv=1&esig=2~b5a38925fcf3ad9ef3ffd0f6f7927d8a7a6a49cb
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHE6WS-1J-8F6Y&sigv=1&esig=2~b5a38925fcf3ad9ef3ffd0f6f7927d8a7a6a49cb
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame DB07 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame DB07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ5OTE2YzU2OTQ1MjkzNWIyMWI5ZDc0M2VkZjllZDNmZDA2ZGJkYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ5OTE2YzU2OTQ1MjkzNWIyMWI5ZDc0M2VkZjllZDNmZDA2ZGJkYg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWQ5OTE2YzU2OTQ1MjkzNWIyMWI5ZDc0M2VkZjllZDNmZDA2ZGJkYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DB07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL-Y6j6-UkpTT61bv3U8z2A&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL-Y6j6-UkpTT61bv3U8z2A&google_cver=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL-Y6j6-UkpTT61bv3U8z2A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DB07
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4410612d-9ae0-4600-9c5d-0f8dc820f6e9
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4410612d-9ae0-4600-9c5d-0f8dc820f6e9
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4410612d-9ae0-4600-9c5d-0f8dc820f6e9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:58:38 GMT
tap.php
pixel.rubiconproject.com/ Frame DB07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yzES107FIWFYHTmKjziuUMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=942359355507572558
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=942359355507572558
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Tue, 31 Aug 2021 02:58:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=942359355507572558
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B5CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd31612d-9ae0-4c00-9cf8-72d5c749ab6d
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd31612d-9ae0-4c00-9cf8-72d5c749ab6d
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cd31612d-9ae0-4c00-9cf8-72d5c749ab6d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:58:38 GMT
sd
us-u.openx.net/w/1.0/ Frame B5CC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=TQlFuUJZE7tWW068HQ9a6BpZE-hWAU_uTAqPwmeD
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=TQlFuUJZE7tWW068HQ9a6BpZE-hWAU_uTAqPwmeD
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=TQlFuUJZE7tWW068HQ9a6BpZE-hWAU_uTAqPwmeD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B5CC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5258054189700874205
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5258054189700874205
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5258054189700874205
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B5CC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=342d508b-2368-31a2-622b-0c97b8c6c090&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B5CC 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg0MjgzNDEtZWExZi02ZjA2LTc3Y2ItNTYyZTcyMjQwZWYw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B5CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame AA43
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e495612d-9ae0-4800-85ec-80169f7f415c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e495612d-9ae0-4800-85ec-80169f7f415c
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e495612d-9ae0-4800-85ec-80169f7f415c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:58:38 GMT
sd
us-u.openx.net/w/1.0/ Frame AA43
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NPn0IzupoiEvq_8lNPjrJjP5p3MvqfRxYatSNs5F
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NPn0IzupoiEvq_8lNPjrJjP5p3MvqfRxYatSNs5F
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NPn0IzupoiEvq_8lNPjrJjP5p3MvqfRxYatSNs5F
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame AA43
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=804836052823924442
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=804836052823924442
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=804836052823924442
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame AA43 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=342d508b-2368-31a2-622b-0c97b8c6c090&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame AA43 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg0MjgzNDEtZWExZi02ZjA2LTc3Y2ItNTYyZTcyMjQwZWYw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AA43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEECZTOKe5I6HC3vbT9SQTxI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
speech.gif
s.isanook.com/sr/0/images/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/speech.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 09:52:48 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"61277384-60d"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
2591017324450291031
accept-ranges
bytes
content-length
1549
expires
Sun, 26 Sep 2021 09:52:48 GMT
pubads_impl_2021082301.js
securepubads.g.doubleclick.net/gpt/ Frame FDB4 		331 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
8d37f23647537d48ee4f0c05b8acdf093cb828fe3c5703653aedfdd5f88cde2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118555
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:39 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9F80
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=257d612d-9ae0-4700-a4e2-ba6820c15c9b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=257d612d-9ae0-4700-a4e2-ba6820c15c9b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=257d612d-9ae0-4700-a4e2-ba6820c15c9b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:58:38 GMT
sd
us-u.openx.net/w/1.0/ Frame 9F80
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=uFPVfrcDg3yjBoV-vFrKL74G03ujWt4vvFdCdIB9
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=uFPVfrcDg3yjBoV-vFrKL74G03ujWt4vvFdCdIB9
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=uFPVfrcDg3yjBoV-vFrKL74G03ujWt4vvFdCdIB9
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9F80
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2692558038677669322
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2692558038677669322
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2692558038677669322
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 9F80 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=342d508b-2368-31a2-622b-0c97b8c6c090&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9F80 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg0MjgzNDEtZWExZi02ZjA2LTc3Y2ItNTYyZTcyMjQwZWYw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9F80
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8C22
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8fea612d-9ae0-4b00-93ad-0678176f162a
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8fea612d-9ae0-4b00-93ad-0678176f162a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 02:58:39 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8fea612d-9ae0-4b00-93ad-0678176f162a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:58:38 GMT
sd
us-u.openx.net/w/1.0/ Frame 8C22
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=v-i7ArC47QCkvepRvbqkX7ro7FKk67AHu7gtJugM
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=v-i7ArC47QCkvepRvbqkX7ro7FKk67AHu7gtJugM
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=v-i7ArC47QCkvepRvbqkX7ro7FKk67AHu7gtJugM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8C22
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8841135489502703226
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8841135489502703226
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8841135489502703226
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 8C22 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=342d508b-2368-31a2-622b-0c97b8c6c090&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8C22 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTg0MjgzNDEtZWExZi02ZjA2LTc3Y2ItNTYyZTcyMjQwZWYw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8C22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM226PfTF8dX7AY-fio2XTw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
graph.facebook.com/ 		232 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&callback=_grf_34326313547918863
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c094ef1f98c646cf0413d29db4278f571b05f0a686ecaa74c405833232397742
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004330561
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
176
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
2hBODVdiuUmZdt3kQ1LwUltDChQwsxbIB/UVKM15xIv5Zja+LsDm7BwQUtuoHLQTUvBekVgwt9JblKol3901DQ==
x-fb-trace-id
DUC4MmGXQGU
date
Tue, 31 Aug 2021 02:58:40 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Ax5Sld_5BmAh1RMztUSmHZe
cache-control
no-store
facebook-api-version
v4.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
share.php
vk.com/ 		21 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&index=0
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.108417
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
content-encoding
gzip
x-frontend
front224006
server
kittenx
x-powered-by
KPHP/7.4.108417
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
41
dk
connect.ok.ru/ 		25 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.152.207 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip207.152.odnoklassniki.ru
Software
apache /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
br
vary
Accept-Encoding
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
container.html
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D37C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:58:39 GMT
expires
Wed, 31 Aug 2022 02:58:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
logo-sanook-app02.svg
s.isanook.com/sr/0/images/icon/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/logo-sanook-app02.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 09:19:27 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
0
etag
W/"61277384-183b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
16665127141902064913
accept-ranges
bytes
content-length
6203
expires
Sun, 26 Sep 2021 09:19:27 GMT
ico-ios.svg
s.isanook.com/sr/0/images/icon/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-ios.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 08:35:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 24 Aug 2021 06:14:48 GMT
server
Lego Server
age
0
etag
W/"61248e58-b27"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
5243373779326628783
accept-ranges
bytes
content-length
2855
expires
Thu, 23 Sep 2021 08:35:53 GMT
ico-android.svg
s.isanook.com/sr/0/images/icon/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-android.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 16:39:27 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
0
etag
W/"61277384-12a2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6023606481299493529
accept-ranges
bytes
content-length
4770
expires
Mon, 27 Sep 2021 16:39:27 GMT
async_usersync
ib.adnxs.com/ Frame 1A9D 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d2626755-b39f-401f-b7c1-50f3b8cb4650
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame E7AA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:40 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=4156329052819641771; expires=Sat, 30 Oct 2021 02:58:40 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 31 Aug 2021 02:58:40 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 30 Sep 2021 02:58:40 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2D33
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5751815231257979321
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5751815231257979321
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5751815231257979321
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8; chkChromeAb67Sec=1; DPSync3=1630454400%3A174%7C1631577600%3A201_197_219; SyncRTB3=1631577600%3A7_54_71_8_161_3_220_21_166_22_55_13_56_81%7C1631232000%3A63%7C1630972800%3A15_2_223%7C1631664000%3A35%7C1632960000%3A203; PUBMDCID=3; KRTBCOOKIE_153=19420-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu&KRTB&22979-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu; PugT=1630378720; KRTBCOOKIE_80=22987-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&16514-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&23025-CAESEJEgpjpGFZuID1taZ7ICrqU; KRTBCOOKIE_57=22776-4047021949935290411; KRTBCOOKIE_377=6810-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&22918-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&23031-103b18c4-d82b-45d3-b324-37cc26225d2a; KRTBCOOKIE_391=22924-9118664458665646425&KRTB&23263-9118664458665646425
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5751815231257979321; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:40 GMT; path=/ PugT=1630378720; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:40 GMT; path=/
x-lat
lhrpug018:0:411
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5751815231257979321
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 9DAD 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 31 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1194
x-powered-by
ASP.NET
date
Tue, 31 Aug 2021 02:58:41 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 478D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423295386515603
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423295386515603
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423295386515603
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8; PUBMDCID=3; KRTBCOOKIE_153=19420-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu&KRTB&22979-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu; KRTBCOOKIE_80=22987-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&16514-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&23025-CAESEJEgpjpGFZuID1taZ7ICrqU; KRTBCOOKIE_57=22776-4047021949935290411; KRTBCOOKIE_377=6810-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&22918-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&23031-103b18c4-d82b-45d3-b324-37cc26225d2a; KRTBCOOKIE_391=22924-9118664458665646425&KRTB&23263-9118664458665646425; KRTBCOOKIE_336=5844-5751815231257979321; KRTBCOOKIE_27=16735-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&16736-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&23019-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&23114-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YS2a4AAET_rhiQA4&KRTB&23194-YS2a4AAET_rhiQA4&KRTB&23209-YS2a4AAET_rhiQA4&KRTB&23244-YS2a4AAET_rhiQA4; KRTBCOOKIE_22=14911-7764677129612852222; SPugT=1630378721; chkChromeAb67Sec=2; DPSync3=1630454400%3A174%7C1631577600%3A201_197_219_221_226_227%7C1632960000%3A232; SyncRTB3=1631232000%3A63%7C1631664000%3A35%7C1632960000%3A203%7C1631577600%3A189_176_54_22_81_165_5_8_21_234_99_104_7_13_56_204_161_3_166_88_231_71_55_222_57_220_230_233%7C1630972800%3A2_15_223%7C1635552000%3A69; KRTBCOOKIE_466=16530-ddec21da-356c-47d3-904f-2da74b94bc48; PugT=1630378723
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7002423295386515603; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:43 GMT; path=/ PugT=1630378723; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:43 GMT; path=/
x-lat
lhrpug010:0:471
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 31 Aug 2021 02:58:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7002423295386515603; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423295386515603
adx
match.prod.bidr.io/cookie-sync/ Frame 6770
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEa1BFN0NXellBQUItcFpIZURvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEa1BFN0NXellBQUItcFpIZURvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.238.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AADkPE7CWzYAAB-pZHeDog; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Tue, 31 Aug 2021 02:58:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Tue, 31 Aug 2021 02:58:48 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
set-cookie
IDE=AHWqTUkBYxwIOjyUbp2yxU9Fiavd29v2ZVU5TWE7NK9jxo3WfTrqrpLMnTkib_KApHQ; expires=Sun, 25-Sep-2022 02:58:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D2BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=i07DvqoUQyi8zx9m6CCs2A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=78742
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 01 Sep 2021 00:51:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=78df612d-9ae0-4400-8c2c-296e874eca03
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=78df612d-9ae0-4400-8c2c-296e874eca03
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 02:58:40 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=78df612d-9ae0-4400-8c2c-296e874eca03
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:58:39 GMT
/
pixel.onaudience.com/ Frame D2BD
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ba00f31b003ea65e71064d0c938facf6
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8939ab54e0939e9750cbd6042aa19185
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8939ab54e0939e9750cbd6042aa19185
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-2.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Tue, 31 Aug 2021 02:58:44 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8939ab54e0939e9750cbd6042aa19185
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEI0RUMzQkUtQUExNC00MzI4LUJDQ0YtMUY2NkU4MjBBQ0Q4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:418
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJEgpjpGFZuID1taZ7ICrqU&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJEgpjpGFZuID1taZ7ICrqU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:415
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJEgpjpGFZuID1taZ7ICrqU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D2BD 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 30 Aug 2021 02:58:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9118664458665646425
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9118664458665646425
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:459
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9118664458665646425
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:462
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 02:58:40 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:58:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=103b18c4-d82b-45d3-b324-37cc26225d2a
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=103b18c4-d82b-45d3-b324-37cc26225d2a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:425
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=103b18c4-d82b-45d3-b324-37cc26225d2a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4047021949935290411&gdpr=0&gdpr_consent=
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4047021949935290411&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:460
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e34a17de-df02-4520-93f6-4a1583ecd7f0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4047021949935290411&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRtRC39E2uWV9p4Bu5uxNTlWPFy0PqM-~A&gdpr=0&gdpr_consent=
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRtRC39E2uWV9p4Bu5uxNTlWPFy0PqM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 02:58:47 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-LRtRC39E2uWV9p4Bu5uxNTlWPFy0PqM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D2BD 		43 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu
42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ddec21da-356c-47d3-904f-2da74b94bc48&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_2171e6a1-29fc-4d32-85b2-cccb1570d8a6&bsw_param=ddec21da-356c-47d3-904f-2da74b94bc48&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ddec21da-356c-47d3-904f-2da74b94bc48&gdpr=&gdpr_consent=&gdpr_pd=
1 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ddec21da-356c-47d3-904f-2da74b94bc48&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:446
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ddec21da-356c-47d3-904f-2da74b94bc48&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 31 Aug 2021 02:58:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7764677129612852222&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7764677129612852222&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:316
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7764677129612852222&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2a4AAET_rhiQA4&gdpr=0&gdpr_consent=&_test=YS2a4AAET_rhiQA4
1 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2a4AAET_rhiQA4&gdpr=0&gdpr_consent=&_test=YS2a4AAET_rhiQA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:350
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1630378721.932654,VS0,VE0
x-served-by
cache-fra19165-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2a4AAET_rhiQA4&gdpr=0&gdpr_consent=&_test=YS2a4AAET_rhiQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame D2BD 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:434
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D2BD
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6be90338-039e-4862-8676-ad5fe5022c61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6be90338-039e-4862-8676-ad5fe5022c61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6be90338-039e-4862-8676-ad5fe5022c61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4533
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e2e8559a26e5b8b0e26447669be56fa8ee7e6042ebcbfbcb558a419d8a955177

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS2a4J1d43G73Utg5s8mwgAA; CMPS=5182
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|230|241|196|31|195|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1730
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4J1d43G73Utg5s8mwgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMPRO=1210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMST=YS2a4GEtmuAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 02:58:40 GMT CMRUM3=29612d9ae005a0&2d612d9ae005a0&f1612d9ae005a0&e6612d9ae02760&c4612d9ae005a0&c3612d9ae005a00&27612d9ae00b40&1f612d9ae005a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4J1d43G73Utg5s8mwgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C876
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
febf4b6ea349ed45cc6573a84639d1b16b042b5160fa4a73fb2b4770ebada448

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5182; CMID=YS2a4J1d43G73Utg5s8mxQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|230|241|188|81|152|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1628
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4J1d43G73Utg5s8mxQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMPRO=1138;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMRUM3=c3612d9ae005a00&27612d9ae00b40&e6612d9ae02760&bc612d9ae005a00&f1612d9ae005a0&2d612d9ae005a0&98612d9ae005a00&51612d9ae005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMST=YS2a4GEtmuAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 02:58:40 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4J1d43G73Utg5s8mxQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame AA45
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af712efc61813d77d225facc71be0c12bd82969827ecfb391cbdff18a1f7b67c

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5182; CMID=YS2a4J1d43G73Utg5s8myAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|51|191|206|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1613
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4J1d43G73Utg5s8myAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMPRO=1138;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMRUM3=e6612d9ae02760&27612d9ae00b40&f1612d9ae005a0&33612d9ae005a0&bc612d9ae005a00&2d612d9ae005a0&bf612d9ae005a0&ce612d9ae005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMST=YS2a4GEtmuAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 02:58:40 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4J1d43G73Utg5s8myAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B41D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
76cf6ad6c4c47be06615bfb4b4ad77ca5226d605a708cb2fd7926d765de27fa0

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5182; CMID=YS2a4KsE6IcxpgEr846JKQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|206|5|221|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1648
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4KsE6IcxpgEr846JKQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMPRO=1114;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT CMRUM3=f1612d9ae005a0&05612d9ae005a0&27612d9ae00b40&dd612d9ae02760&e6612d9ae02760&40612d9ae005a0&ce612d9ae005a0&2d612d9ae005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMST=YS2a4GEtmuAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 02:58:40 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 31 Aug 2021 02:58:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2a4KsE6IcxpgEr846JKQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:58:40 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:58:40 GMT
28960c8a32e8dcc49d8dc53b67dce604.js
www.gstatic.com/mysidia/ Frame D37C 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/28960c8a32e8dcc49d8dc53b67dce604.js?tag=pingback
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 09:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4667
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 06:33:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 24 Nov 2021 09:50:38 GMT
css
fonts.googleapis.com/ Frame D37C 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 01:29:55 GMT
server
ESF
date
Tue, 31 Aug 2021 02:58:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Aug 2021 02:58:40 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame D37C 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:32:05 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame D37C 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:51:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame D37C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:56:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D37C 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame D37C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:56:41 GMT
bf370751b3c301aa27eddd739f5e1f7e.js
www.gstatic.com/mysidia/ Frame D37C 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 08:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10800
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 06:33:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 28 Nov 2021 08:44:01 GMT
integrator.js
adservice.google.de/adsid/ Frame FDB4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FDB4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FDB4 		651 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1701483380256487&correlator=2939235058024109&output=ldjh&impl=fif&eid=31062297&vrg=2021082301&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D040b4a3ec4fa0e2e%3AT%3D1630378719%3AS%3DALNI_MZHy_lt9h43gNqFH-_2oP3VR39GAA&cdm=www.sanook.com&bc=31&abxe=1&lmt=1630378720&dt=1630378720211&dlt=1630378719581&idt=611&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=7wufkfcwvu98&ifi=1&ifk=2206672769&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&top=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=544567794.1630378720&ga_sid=1630378720&ga_hid=1094686020&ga_fc=false&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2997f00dd83f424df019122d13ea3f301d180d720e2977e8d81ffe0a5649e326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45506
x-xss-protection
0
google-lineitem-id
5546075965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331849821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BEA2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:58:40 GMT
expires
Wed, 31 Aug 2022 02:58:40 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		362 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650423137310197&correlator=3079829377648606&output=ldjh&impl=fif&eid=31062367%2C31062435%2C31062438%2C44748552%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Csocial%2Creadpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&prev_scp=category%3Dnews%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2Cnews-2015%2Csanook-news-exclusive%2Csocial%26subcategory%3Dhilight-politic%2Chilight-index-social%2Chilight-social%26tags%3D%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2584%25E0%25B8%258B%25E0%25B8%25B5%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%2587%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25A1%25E0%25B8%2599%25E0%25B8%2595%25E0%25B9%258C%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%2598%25E0%25B8%25B9%25E0%25B8%259B%2C%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2Clottery%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581.%25E0%25B8%25A2.%252064%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%25A2%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2599%25202564%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A5%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%25B8%25E0%25B8%2594%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%2587%25E0%25B8%2584%25E0%25B8%25A1%26partner%3Dsanook-news-exclusive%26entry_id%3D8435186&eri=1&cookie=ID%3D040b4a3ec4fa0e2e%3AT%3D1630378719%3AS%3DALNI_MZHy_lt9h43gNqFH-_2oP3VR39GAA&bc=31&abxe=1&lmt=1630378720&dt=1630378720266&dlt=1630378715334&idt=2645&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=1304&adks=4070681855&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&psts=AGkb-H_9U_7rROyIqrLUTTIjPbsv2-G-IQKKNg7t3k2LY7hEbOrz-O_uV1ZmHih31F5jRPa73YtSsl_u4xREomw_GBegVSgU3jdwdCcdmpOpYpffwCOzo4Gd2b0%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1319978328.1630378716&ga_sid=1630378719&ga_hid=1589978888&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d16190d79aed6c40f9542f79e05ff925cac777331d0ebd1da581d39d5ae2a8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650423137310197&correlator=1348133260431172&output=ldjh&impl=fif&eid=31062367%2C31062435%2C31062438%2C44748552%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Csocial%2Creadpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C320x50%7C257x240%7C300x125&prev_scp=category%3Dnews%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2Cnews-2015%2Csanook-news-exclusive%2Csocial%26subcategory%3Dhilight-politic%2Chilight-index-social%2Chilight-social%26tags%3D%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2584%25E0%25B8%258B%25E0%25B8%25B5%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%2587%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25A1%25E0%25B8%2599%25E0%25B8%2595%25E0%25B9%258C%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%2598%25E0%25B8%25B9%25E0%25B8%259B%2C%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2Clottery%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581.%25E0%25B8%25A2.%252064%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%25A2%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2599%25202564%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A5%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%25B8%25E0%25B8%2594%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%2587%25E0%25B8%2584%25E0%25B8%25A1%26partner%3Dsanook-news-exclusive%26entry_id%3D8435186&eri=1&cookie=ID%3D040b4a3ec4fa0e2e%3AT%3D1630378719%3AS%3DALNI_MZHy_lt9h43gNqFH-_2oP3VR39GAA&bc=31&abxe=1&lmt=1630378720&dt=1630378720287&dlt=1630378715334&idt=2645&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=815&adks=2209577734&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&psts=AGkb-H_9U_7rROyIqrLUTTIjPbsv2-G-IQKKNg7t3k2LY7hEbOrz-O_uV1ZmHih31F5jRPa73YtSsl_u4xREomw_GBegVSgU3jdwdCcdmpOpYpffwCOzo4Gd2b0%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1319978328.1630378716&ga_sid=1630378719&ga_hid=1589978888&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd15eb98cd850f5ab18e9c33efb8d9e6753afe11b1770ec028df8a23eff6f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15786
x-xss-protection
0
google-lineitem-id
5745047882
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138356811492
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650423137310197&correlator=2162461657766666&output=ldjh&impl=fif&eid=31062367%2C31062435%2C31062438%2C44748552%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Csocial%2Creadpage%2Ctower&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%7C240x400&prev_scp=category%3Dnews%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2Cnews-2015%2Csanook-news-exclusive%2Csocial%26subcategory%3Dhilight-politic%2Chilight-index-social%2Chilight-social%26tags%3D%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2584%25E0%25B8%258B%25E0%25B8%25B5%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%2587%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25A1%25E0%25B8%2599%25E0%25B8%2595%25E0%25B9%258C%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%2598%25E0%25B8%25B9%25E0%25B8%259B%2C%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2Clottery%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581.%25E0%25B8%25A2.%252064%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%25A2%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2599%25202564%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A5%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%25B8%25E0%25B8%2594%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%2587%25E0%25B8%2584%25E0%25B8%25A1%26partner%3Dsanook-news-exclusive%26entry_id%3D8435186&eri=1&cookie=ID%3D040b4a3ec4fa0e2e%3AT%3D1630378719%3AS%3DALNI_MZHy_lt9h43gNqFH-_2oP3VR39GAA&bc=31&abxe=1&lmt=1630378720&dt=1630378720294&dlt=1630378715334&idt=2645&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=2620&adks=2342216021&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&psts=AGkb-H_9U_7rROyIqrLUTTIjPbsv2-G-IQKKNg7t3k2LY7hEbOrz-O_uV1ZmHih31F5jRPa73YtSsl_u4xREomw_GBegVSgU3jdwdCcdmpOpYpffwCOzo4Gd2b0%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1319978328.1630378716&ga_sid=1630378719&ga_hid=1589978888&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
960e9c2e9773839ca0c3caa810c9d9432ed8f5bfd5d4a823abfff3b7bbcc1035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10607
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6B88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthsG2vuqmtvXw1-eD2H-95yxEqqP4qs6gA31WvW9_HGhnLtXTCe_fTnxKNvs_wiGfJ-2HAOxaMNraBw1JwEX93rG1qTB6Y7PMpUahiKdp1h0aK0S9Xh5NohKtWRA9oAO9Mp854YamDqJwyMUnIuJKLjSsVCfsLQIXMzryeL0Qa4n420dvxYG4M44WjbzfLlSZ1kQGq4cvBa9PZtwZPuftldj1yrkE73oUwYoHM_PfPh7bhtWJeGSjFLCKgswXaN98ShL40G5tesZH-5AXpGLWUSC3uNRsAy7cdi7yK0r3KSZv-HK7Q0PELdcuw7_74SZs&sig=Cg0ArKJSzJTmuuv7Ahp0EAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 6B88 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Aug 2022 14:28:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B88 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:40 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame FDB4 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:40 GMT
list
a.giraff.io/rtb/match/ 		76 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.giraff.io/rtb/match/list
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.132 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
8291d78312b19f795793b32bfb8a532bba6c288e4515f60226afa5ce1b51d508

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650423137310197&correlator=3828771300340407&output=ldjh&impl=fif&eid=31062367%2C31062435%2C31062438%2C44748552%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Csocial%2Creadpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250&prev_scp=category%3Dnews%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2Cnews-2015%2Csanook-news-exclusive%2Csocial%26subcategory%3Dhilight-politic%2Chilight-index-social%2Chilight-social%26tags%3D%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2581%25E0%25B8%25A1%25E0%25B9%2588%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25AB%25E0%25B8%2599%25E0%25B8%25B6%25E0%25B9%2588%25E0%25B8%2587%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2584%25E0%25B8%258B%25E0%25B8%25B5%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%2587%25E0%25B8%2599%25E0%25B9%2589%25E0%25B8%25B3%25E0%25B8%25A1%25E0%25B8%2599%25E0%25B8%2595%25E0%25B9%258C%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B8%2598%25E0%25B8%25B9%25E0%25B8%259B%2C%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%2C%25E0%25B9%2580%25E0%25B8%25A5%25E0%25B8%2582%25E0%25B9%2580%25E0%25B8%2594%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%2C%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25E0%25B8%2587%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2Clottery%2C%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581.%25E0%25B8%25A2.%252064%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AB%25E0%25B8%25A7%25E0%25B8%25A2%25201%2520%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%25A2%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2599%25202564%2C%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B9%2581%25E0%25B8%259A%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%25A3%25E0%25B8%25B1%25E0%25B8%2590%25E0%25B8%259A%25E0%25B8%25B2%25E0%25B8%25A5%2C%25E0%25B8%2595%25E0%25B8%25A3%25E0%25B8%25A7%25E0%25B8%2588%25E0%25B8%25A5%25E0%25B8%25AD%25E0%25B8%2595%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B8%25B5%25E0%25B9%2588%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A5%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%25B8%25E0%25B8%2594%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%2587%25E0%25B8%2584%25E0%25B8%25A1%26partner%3Dsanook-news-exclusive%26entry_id%3D8435186%26pwtsid%3D846c407784e605b%26pwtbst%3D1%26pwtecp%3D0.01%26pwtpid%3Dpubmatic%26pwtpubid%3D155976%26pwtprofid%3D781%26pwtverid%3D56%26pwtsz%3D970x250%26pwtplt%3Ddisplay&eri=1&cookie=ID%3D040b4a3ec4fa0e2e%3AT%3D1630378719%3AS%3DALNI_MZHy_lt9h43gNqFH-_2oP3VR39GAA&bc=31&abxe=1&lmt=1630378720&dt=1630378720539&dlt=1630378715334&idt=2645&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=75&adks=1758136767&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8435186%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1090x-1&msz=1090x-1&psts=AGkb-H_9U_7rROyIqrLUTTIjPbsv2-G-IQKKNg7t3k2LY7hEbOrz-O_uV1ZmHih31F5jRPa73YtSsl_u4xREomw_GBegVSgU3jdwdCcdmpOpYpffwCOzo4Gd2b0%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1319978328.1630378716&ga_sid=1630378719&ga_hid=1589978888&ga_fc=false&fws=4&ohw=1090&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
01303e8a3ae5202215835a41361974001d3dd377d81dd248d8a7b04d8e295fb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15792
x-xss-protection
0
google-lineitem-id
5745047882
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138356775242
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6B88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEQ0jsqlEJMnb6wU_Eum2VW6Wm0jSYssbmFEN6B_LHKde5p7OrVqVmKmX-Ju-yzDTL56rKj1VsuSY7O_VbYDf4xsO9DUX_WFr0ellZQARcq5EGNQHyL9vAzGf4-lxD4qzs0Z_r5LT0qh6bapn49SS0CU2Kyo94H-I_4do7_jsXnZLlIa6JJZDdlDMQQpfO95BLyLCtZ_i6vzZdh-FqLXlN7JcWmgGb55byeSkwvBBiRqnoTqQBTbC3P1A31cwW4YXjcnEEPtlFz0vfZOw9ReysdMTZKH5j-pbRytgoENASCq2pYrLDbd39X0iclvDaYbqyMg&sig=Cg0ArKJSzFTDJvGTj_jAEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:58:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7400 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulwVNNV-VWWA9_Ji1lwRBLTWEv2HXqY13D7FqG-Wejvc5jDp3UXDwALOvMCisZ0ixQRwU2DChOfRGWhiIQgKMNsKCnUteMwJxJrh3pI2CeQceEmeVNa0edQFMUmwjgOzfOmhlPlGmJRfFDppTtmhZcJfNywuSBC2-SOw4Ks_Wn4w-2vMlX4Dd_-jEeUADESmyYhD7s8zH2iXv7xbJMvE3pby3QEYXuGoZj4hZcQf04viVp83tTs7d_rVbJ58RlEQ0527MBoXAwL8-e2Xf9fOGYRvWkO88RJeG1VM91Td3oOjA9qtqElCHqRdwvxIMed0a_1vNfxfBHbiOunzO4OsdPbbw&sig=Cg0ArKJSzKrQj3m3QKQhEAE&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 7400 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:51:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 7400 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:56:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7400 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:40 GMT
8098832714011419080
tpc.googlesyndication.com/simgad/ Frame 7400 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8098832714011419080
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6945240273217734a7abf2fced1ed5dbe2b8617d48b3133306ecb9f42ebe0856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:11:43 GMT
x-content-type-options
nosniff
age
287217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36051
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 11:25:21 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Aug 2022 19:11:43 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108170213000/ Frame C667 		188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
452615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55333
x-xss-protection
0
server
sffe
date
Wed, 25 Aug 2021 21:15:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"55ff93a1040e5c38"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 21:15:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame C667 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
453524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4999
x-xss-protection
0
server
sffe
date
Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b551ff8c0a78d7e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 20:59:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame C667 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
453524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28538
x-xss-protection
0
server
sffe
date
Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"523ca413d5eb4bb0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 20:59:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame C667 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
453524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1653
x-xss-protection
0
server
sffe
date
Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a4d9605fb26cf0ce"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 20:59:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame C667 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
453524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12821
x-xss-protection
0
server
sffe
date
Wed, 25 Aug 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bd81b3ba02634f28"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 20:59:56 GMT
truncated
/ Frame C667 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcc88c99f66fecaa3bda80d74854aa20e5d9299446e70f59b9312498f6026ee6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
620243259523883660
tpc.googlesyndication.com/simgad/ Frame C667 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/620243259523883660?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qniGNNemwcqBIj1yUPNw4rN92NRXg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6ca9919b8e835115e0061f7586f2781b5de4d4280c22d6307cb7f8e681a2ba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 16:04:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 26 Aug 2021 04:28:56 GMT
server
sffe
age
212053
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88807
x-xss-protection
0
expires
Sun, 28 Aug 2022 16:04:27 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C667 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Aug 2021 17:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
34000
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Tue, 31 Aug 2021 17:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C667 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Aug 2021 18:28:40 GMT
x-content-type-options
nosniff
server
cafe
age
30600
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 31 Aug 2021 18:28:40 GMT
l
www.google.com/ads/measurement/ Frame C667 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtQq1eDKaxnvi0bMC9-4bJ5-A-kV3Xrqr1tbUkkXlNLnTGpLfXkD8mLeSlCmSRRqoaZdGr
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C667 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRPOh4JotYcbwFeTX7_UP_uey0ArX8LLtZLG-ts69Dq4CEAEgr9HbH2CV-vCBjAegAa3ciogDyAEC4AIAqAMByAMIqgThAU_QOPVQbKEXwVbBKFVlZncj-79LxlB5--SIXfCdTcW6-SlhUBUMJd_XNOn323x88SB5jn7iOH7P8IOCfWCxH-svV7b_bKNtCRXuFeedbbwmiUAilyJeBjuoyc6a7IKb9v-hHgQtoZLU8oLoNf_dplCScnZed-AOLXmuGdNZ-2OGElRJYMs6NX2Hukm2gnA7grKL-PWIdn7gmoaEPMpIcxdX-lUrnkcmVK39FTaXZPcELLIomf0iT_y_P3aosF_6LqrTW1Eq01ROZDUBBsKQq6L5_nEhubPs6RFXPNMGXPX_KcAE26S2nOEB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4KmxWqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEPDsB9IICQiA4YBwEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi02MTY3MjM4NzEyNzI5MDMyGPeBEA&sigh=bkZtAjEysG0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D37C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChIa135otYf_1J42L7_UPz72x-Aq93tLgZK7d2qWOC-yY-t3NGRABIK_R2x9glfrwgYwHoAHpjsHNAsgBCakCQv-9RenKsz7gAgCoAwHIA5sEqgTcAU_QrChlkZ8GbuG-lS1b8Ad2EEePlz2g5qaeDFsped7VQiKBOr_E08EitmahuyYfSsJ9jSbmXUP7hDrNc6heP152VGZkV4on0kN5VYJKxc686IiGZavYxt6fferuyeuik9S208NuGdwyN5QCbaRsR2D5RXdwl_t9uBBXv10hrVpwXL-j8k_nU4PoVq1sezFtxtB9zt6xaiE79_F3G5NrKiFdxL2nM_KPZKrH31ZKiVT6PgMTyKzX9cwV2ujeTmUxsyfKsWB4JIyLPsczJjDk6bmtKHvygQNcbhdZSxDABPHwmYjzAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf_8L6yAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEKPsD9IICQiA4YBwEAEYHYAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02MTY3MjM4NzEyNzI5MDMyGPeBEA&sigh=SYjZwxUjxNk&template_id=494
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
shopping
encrypted-tbn0.gstatic.com/ Frame D37C 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQkvro9c25swH1iTdxDvoqz8gP6kubWt9mWrbZSMLEgW41zguYtSEuISmaYIw&usqp=CAI
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e60332df508bd4c5951c3073c23b266ff306aafd7457226d7c58b4b7944d74e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:27:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Aug 2020 10:08:13 GMT
server
sffe
age
239488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50343
x-xss-protection
0
expires
Sun, 28 Aug 2022 08:27:12 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame D37C 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRMNWE6DpC9eTwC21Z7vM1lbQz_ZGVHW6kWqUExDdoH8B9ETRZ2e_H1Rz5Hcds&usqp=CAI
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0f836070094fe0b492fc1dbac6b1d8c9db4155baf72f9c02205abb613209e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 14:41:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Feb 2021 00:06:38 GMT
server
sffe
age
217059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41617
x-xss-protection
0
expires
Sun, 28 Aug 2022 14:41:01 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D37C 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRhZxxYroGXmzg0aRZmaL__2xvillUVEd0vrZugV0X7GIL9Cjt1abxs4nrkhg&usqp=CAI
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6abd3046d023dea7174ab5cf7614e1f44efd08ed1dbebddf0f86c38d806acc96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 12:53:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Aug 2021 20:30:08 GMT
server
sffe
age
569120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20987
x-xss-protection
0
expires
Wed, 24 Aug 2022 12:53:20 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D37C 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT0NoDqN3mI5haR9eIO0-kRcwmOfILXnbwpddKzPyZsqBIoT5nyPnjTdXHYIQ&usqp=CAI
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb9c3bf0c2b11644dba28a5035dc371dbd811e5c3a119d8846e101cd4496ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:47:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Feb 2021 00:06:26 GMT
server
sffe
age
313855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43758
x-xss-protection
0
expires
Sat, 27 Aug 2022 11:47:45 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame D37C 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ6ufCwtf2tZ5RJBrOir6eFsSr7k9FgZ4SG6ey1tg5GgAk-kruraYZfBThkxsg&usqp=CAI
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21f441ba86119d8bb0fd42599640a3eb41481afcda38d7fd86a982af12c892d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:20:47 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 09:02:46 GMT
server
sffe
age
221873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30526
x-xss-protection
0
expires
Sun, 28 Aug 2022 13:20:47 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame D37C 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTkoeF4t6RJa06gfV32qned5OOgXVdzHZCa-_Mb5hjlaBn0BSdy3n2GmVPkL7Y&usqp=CAI
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1381ddce722e71695f406ed6fc66bfb31653d1a8f631c9bbf6ee0ee4ee475379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 20:28:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Aug 2020 14:32:49 GMT
server
sffe
age
109813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17506
x-xss-protection
0
expires
Mon, 29 Aug 2022 20:28:27 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame D37C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR1FM9UJxwTU_9YBS_9pqy_-jhIcDRp0TZXx-WadZE82MpvP6cS&usqp=CAI
Requested by
Host: 6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
URL: https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b2af840e9a29525b0ebf64fb3ce6e1c009fe1648c46bf252d3b03990be56bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 12:33:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Apr 2018 18:58:25 GMT
server
sffe
age
224724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19095
x-xss-protection
0
expires
Sun, 28 Aug 2022 12:33:16 GMT
truncated
/ Frame D37C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84f3d5ef8f191d7ebea61b62a37928cfcf901b82bb4d4e748b0063ee070fbf16

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FDB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLLIue6OKGcPFzAR4mK0Ga09m7joRRVVE6LFrtT5ySJrp3rTSreB6dh8jegw59Uv_pkWAaqw-g3XQaGXeS2wpmHWyhMQ5EjhboJUUzUqydrz4cD0r-GZzRImWGOLCvCJCuJsHqp1GhOFSRa_2ljwRFK5mavgVZDAPwgeKpDNE5jY25jTcEFp-ZXDTzy0CY79y__4UD1gdVsLDPdL79wGQnRDYSG3TrYT8dI2Q4sClmHjFgD8JmIDQaci6pDdWMra9NBxKbUwtKNhNHTI8bruPXbqn04FzEW2gdBbhYx1_3WtsaE9aNJs-YvVJ5McVpnPJFJNRUydABRtypS-gSuHgGy2Kk7GnygBSaww&sai=AMfl-YQhpEh5oS3dWKV0fEiIFIsXeinJn8tUDGt5q7tnG7R-g51yMFrG9t5MrI7hVOKkyMDjLJYd0-ETiGv8fW8fxgR5Dvah9-caFciHodbgH_yuYTScvuJS1fLuuC4yhuI&sig=Cg0ArKJSzDHU7DEPPorgEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:58:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FDB4 		0
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C667
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Tue, 31 Aug 2021 02:58:40 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame D37C 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 16:30:42 GMT
x-content-type-options
nosniff
age
556078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 16:30:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7400 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIxkpxOSzWmG6EtP0ls6z4K2ciNKpT4-F8Vt5brMFqDmJuL_eSLaYJqN3o2WtxyPX0gmEycrywvW8021Cq-pWqL0n5-VZQCWLYfSDAYEKpIQLF7PUEufZo5fLXHHWEGYtwZLqYcDgzhhUQ-AaFGcnle-oDjXdB6Bu9l5XZGITEkTAqwEBKFwMoVl-hmbxyX0uAIVubdkQF1rHVzrsaYKKdsEK0K5kgusjJc3cbEN7hurmyu7s_6h8wOd00hyzVSEWE5rfoJ95rZEJvMHvrKc8aJZa4glr_fLnZplszbRGwEhuXiUyguZun5tP2uMxMGCDSLpy9bU_MgW-29Tnuk5sN13oC1g&sig=Cg0ArKJSzOjIKe2p-pwhEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:58:40 GMT
truncated
/ Frame 7400 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
318e21c9f1120efbce5b97bdc2cc4d2cbf27c7d4f38d07d94981303fd95443fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4371 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszb1xdV9SSc6HaO9Y7jJJHk-OeAv_MOlWqw5454-u5ZzEu4HocfACcnVq0VIaXDBmTzmFgNACbSQQgZ3gyOiJ9IBDFjCuBe_bdfsLFe-MEml9VCNh5a6c5udOJi5GLgq978qXIls9_puHOQT_J4f22bAf2k0EYFhHR94c_z8TMIp-iPPXeOIcYajJZEYyyzH0gKv3FdJScrW-o58ge9CCVNbVxJSXzW3E8TRuFWWOFJULGkj92WVUndmCyBC8YjilfMPGCb45Mub9ZRfpAB631P5V2RKVngsMFLgbjFnxdxwnmdInPRT8hauqoRUWI5mkbQyDcXEEsoiTYmQdamXbqMULSAsSDDg&sig=Cg0ArKJSzAkHOafj8hX-EAE&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 4371 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:51:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 4371 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:56:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4371 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:40 GMT
2901933747944120350
tpc.googlesyndication.com/simgad/ Frame 4371 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2901933747944120350
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a867861a1eacf26cfb2d56ac3de70c0b03e08ef133d1b74fe289720807c251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 14:39:56 GMT
x-content-type-options
nosniff
age
217124
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110573
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 11:26:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires
Sun, 28 Aug 2022 14:39:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 4533
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4J1d43G73Utg5s8myAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4533 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 4533
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4533
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7S2TVY2ASTT0ZV61Z94Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V3N6E56B312Z9F6BKR3K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mwgAABLoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4533
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:44 GMT

Redirect headers

date
Tue, 31 Aug 2021 02:58:44 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
noop
px.owneriq.net/ Frame 4533
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836651241273060049&uid=Q6836651241273060049&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.21.100 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:44 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 31 Aug 2021 02:58:44 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 4533
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-feac9805-77c2-46bc-beb4-cf0ae171ee97
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-feac9805-77c2-46bc-beb4-cf0ae171ee97
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:42 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-feac9805-77c2-46bc-beb4-cf0ae171ee97
date
Tue, 31 Aug 2021 02:58:42 GMT
server
Apache-Coyote/1.1
content-length
0
bridge
cm.adgrx.com/ Frame 4533 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:43 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-4
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4533 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS2a4J1d43G73Utg5s8mwgAA%261210
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=976
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 03:14:56 GMT
crum
dsum-sec.casalemedia.com/ Frame C876
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4J1d43G73Utg5s8myAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C876 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame C876
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C876
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
059D2V8SBAKJQQB8FFT4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C79JG0CHNPHTSH3R6Z30
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8mxQAABHIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame C876 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.149.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-149-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
rum
dsum-sec.casalemedia.com/ Frame C876
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=YnuYqm0rzqh5Lsn5YCmH92d7z_p5eJOvZit0UuMl
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=YnuYqm0rzqh5Lsn5YCmH92d7z_p5eJOvZit0UuMl
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=YnuYqm0rzqh5Lsn5YCmH92d7z_p5eJOvZit0UuMl
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C876
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5ee25f4-0dbd-459a-8efa-0c3ca0d0f801
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5ee25f4-0dbd-459a-8efa-0c3ca0d0f801
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:42 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5ee25f4-0dbd-459a-8efa-0c3ca0d0f801
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C876
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5aa81f8a-05cd-43d2-a5ec-8beabd762704
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5aa81f8a-05cd-43d2-a5ec-8beabd762704
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:42 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5aa81f8a-05cd-43d2-a5ec-8beabd762704
date
Tue, 31 Aug 2021 02:58:42 GMT
server
Apache-Coyote/1.1
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C876 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS2a4J1d43G73Utg5s8mxQAA%261138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=976
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 03:14:56 GMT
dcm
s.amazon-adsystem.com/ Frame AA45
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8myAAABHIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8myAAABHIAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8myAAABHIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZCPN765HHW32YNN7TZQQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YWDTMMGQSK2AFRTQ3GRX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4J1d43G73Utg5s8myAAABHIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AA45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4J1d43G73Utg5s8myAAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AA45 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame AA45
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4J1d43G73Utg5s8myAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame AA45 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.111.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-111-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
index
dmp.brand-display.com/cm/api/ Frame AA45 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:45 GMT
via
1.1 google
last-modified
Tue, 31 Aug 2021 02:58:45 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Tue, 31 Aug 2021 02:58:46 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame AA45 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YS2a4J1d43G73Utg5s8myAAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:47 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieIndex
rtb.adentifi.com/ Frame AA45 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.149.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-149-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AA45 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS2a4J1d43G73Utg5s8myAAA%261138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=976
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 03:14:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4371 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3fvEILZnNtlhe6sNNF0Y0ibS6UWB2_NL1Itr1hdHuJhPC2cvrgxMj4ClAo2S5Jv1-BYOoHOMLFKjAu3pIQogtF3SqECn-jPZMgJNn22IFPEa2emDKFklDvHyqkrW-9dGy5dwtw-FmClZTnmgkMecL1lN08nLwl8IpqsYAHeFOZjUDpnayBDhPifxzue6nO01quSHrrKc0bvikg0NnpIsX7D_HF7tbIz-Ri0YLaHyLykxuiOczmWqY4uVnDE8cjUcirrLbD22eZG_mve15_NdHd23mP7SRIWPooD8UDULsmnYenCi23wW1ebXVw_LqgEW4zKXRxas_31901CFLgsTmXw9w7VsVtncy&sig=Cg0ArKJSzGS-kwWVPul4EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:58:41 GMT
truncated
/ Frame 4371 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2eb29862c80658c1650bcf34cca1763357c0f960942cbc1edc160b4f14c7e5eb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
usermatchredir
ssum-sec.casalemedia.com/ Frame B41D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELt0TolWym1PCz9L9dwykiM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B41D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VC7SXRB94MH52QJ2K6ET
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
208N6QWCFB1P5CJ300BG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B41D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B41D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2a4KsE6IcxpgEr846JKQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJdqd_skSCzsPo0NQdy9c9M&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame B41D 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YS2a4KsE6IcxpgEr846JKQAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:47 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ix
ad4m.at/ad/sim/ Frame B41D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
tpid=YS2a4KsE6IcxpgEr846JKQAA%261114
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame B41D 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YS2a4KsE6IcxpgEr846JKQAA%261114?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.172
content-type
image/gif
content-length
49
expires
0
rum
dsum-sec.casalemedia.com/ Frame B41D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632970721
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632970721
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:58:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632970721
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B41D 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS2a4KsE6IcxpgEr846JKQAA%261114
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:41 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=975
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 03:14:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FDB4 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6B88 		0
0
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1630378721.dop130.fr8.t,1630378721.cds227.fr8.hn,1630378721.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
async_usersync
ib.adnxs.com/ Frame 1A9D 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f5fcbede-2225-43ef-a505-9c4eb429a8e0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:41 GMT
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25278
Expires
Thu, 30 Sep 2021 02:58:41 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=2144246092
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:58:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
/
graph.sanook.com/ 		215 B
765 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22news%22%2C%22entryId%22%3A%228435186%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
f3dbd491523a33c32738d4c32d863d3277547cef8fd931f41c34fe47157aaf06
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
XPURGE
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 31 Aug 2021 02:58:43 GMT
Content-Encoding
br
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
BYPASS
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22news%22%2C%22entryId%22%3A%228435186%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,xpurge
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 31 Aug 2021 02:58:42 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
query
global.cloud.netacuity.com/webservice/ 		567 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.78.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-78-130.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
db40a93211c20b31afc72ed34161599ec4e6ec7495f43178d8cdf2608ed81575

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Aug 2021 02:58:41 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length
255
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 15:31:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
93636
server
Lego Server
age
179486
etag
"52394427-16dc4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7654194825564206788
accept-ranges
bytes
content-length
33419
expires
Tue, 21 Sep 2021 13:28:41 GMT
260067.js
a.th.giraff.io/data/ 		29 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260067.js?json=1&async=1&cs=utf-8&rand=0.3170790010361788&num=9&as=&nodupes=1&callback=callback41800930921485246
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
f7ad4e45be8cd8b1ebe73e850287e1cff04483698c4520f98ac481955f796c73

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:42 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
activeview
pagead2.googlesyndication.com/pcs/ Frame 7400 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMuVzJJ5jx-AIC4n3oNolhw4ysS31p7mMIGRBst14qNt0_p2U5g1yv5igQjHFNb3rWAJMqWs-bEVVzytnnnGQ3lArg5F89mAnVLLtblqzfqL1x125K&sig=Cg0ArKJSzBOyPTqM7BboEAE&id=lidar2&mcvt=1000&p=790,1045,1040,1345&asp=790,1045,1040,1345&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2209577734&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630378720614&rpt=219&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Jul 2021 15:29:14 GMT
server
nginx
age
2833
etag
W/"91f36cb612bb5287d05f3c7044927cbe"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=3600
timing-allow-origin
*
alt-svc
clear
content-length
3532
activeview
pagead2.googlesyndication.com/pcs/ Frame 4371 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCxZyKet6bvXku1uQ1mvgN5t4P2eZooNgIZOyTWjAJehPrmPV9eTK_fZ8FHPou3WuvyHiDDnhBiBN2lI2d_GZV2UfSPUOiJhdgFz8QqijnL5rtPmmD&sig=Cg0ArKJSzKZ8rnh4NVc7EAE&id=lidar2&mcvt=1011&p=75,255,325,1345&asp=75,255,325,1345&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1758136767&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630378720866&rpt=142&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D2BD 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 2734 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18645614&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4b4d409cc05474f019fca53de775812a4915210a11765129709315bd4fcc596d

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:41 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
260065.js
a.th.giraff.io/data/ 		29 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260065.js?json=1&async=1&cs=utf-8&rand=0.6378517180188947&num=9&as=&callback=callback31092488586405165
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
4658c9c8f3b1f30222d89e951695bfb98a40178a5d7011e1256febc7a03494ed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:42 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
csync.loopme.me/ Frame D16F 		85 B
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.6.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.210.6.55.162.clients.your-server.de
Software
_ /
Resource Hash
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1

Request headers

:method
GET
:authority
csync.loopme.me
:scheme
https
:path
/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
85
content-type
text/plain
date
Tue, 31 Aug 2021 02:58:43 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame E2DD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6107650196
  • https://sync.1rx.io/usersync/tradedesk/103b18c4-d82b-45d3-b324-37cc26225d2a
  • https://sync.targeting.unrulymedia.com/csync/RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003
42 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8; PUBMDCID=3; KRTBCOOKIE_153=19420-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu&KRTB&22979-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu; KRTBCOOKIE_80=22987-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&16514-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&23025-CAESEJEgpjpGFZuID1taZ7ICrqU; KRTBCOOKIE_57=22776-4047021949935290411; KRTBCOOKIE_377=6810-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&22918-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&23031-103b18c4-d82b-45d3-b324-37cc26225d2a; KRTBCOOKIE_391=22924-9118664458665646425&KRTB&23263-9118664458665646425; KRTBCOOKIE_336=5844-5751815231257979321; KRTBCOOKIE_27=16735-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&16736-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&23019-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&23114-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YS2a4AAET_rhiQA4&KRTB&23194-YS2a4AAET_rhiQA4&KRTB&23209-YS2a4AAET_rhiQA4&KRTB&23244-YS2a4AAET_rhiQA4; KRTBCOOKIE_22=14911-7764677129612852222; chkChromeAb67Sec=2; DPSync3=1630454400%3A174%7C1631577600%3A201_197_219_221_226_227%7C1632960000%3A232; SyncRTB3=1631232000%3A63%7C1631664000%3A35%7C1632960000%3A203%7C1631577600%3A189_176_54_22_81_165_5_8_21_234_99_104_7_13_56_204_161_3_166_88_231_71_55_222_57_220_230_233%7C1630972800%3A2_15_223%7C1635552000%3A69; KRTBCOOKIE_466=16530-ddec21da-356c-47d3-904f-2da74b94bc48; PugT=1630378723; KRTBCOOKIE_1101=23040-7002423295386515603; SPugT=1630378723
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:45 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003&KRTB&17107-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:45 GMT; path=/ PugT=1630378725; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:45 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:45 GMT; path=/
x-lat
lhrpug007:0:438
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Tue, 31 Aug 2021 02:58:45 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003%22%7D; path=/; expires=Wed, 31 Aug 2022 02:58:45 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003
etag
RX257e8cff5c834bc5a3b7165a49ce6539003
bridge
cm.adgrx.com/ Frame AB4D 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 31 Aug 2021 02:58:43 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame C886
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5oh7vQsH3i2FTP3k5vZxXZsy
42 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5oh7vQsH3i2FTP3k5vZxXZsy
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5oh7vQsH3i2FTP3k5vZxXZsy
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_594=17105-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003&KRTB&17107-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003; PugT=1630378725; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-5oh7vQsH3i2FTP3k5vZxXZsy; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:46 GMT; path=/ PugT=1630378726; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:46 GMT; path=/
x-lat
lhrpug008:0:420
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 31 Aug 2021 02:58:45 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=5oh7vQsH3i2FTP3k5vZxXZsy; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5oh7vQsH3i2FTP3k5vZxXZsy
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 8D2A 		42 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 31 Aug 2021 02:58:42 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6872ffa81a2c4e79-FRA
i.match
s.tribalfusion.com/z/ Frame 08AD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aynoeURwEfUS2QVqs96Za2kUrvZbSpaijVn3oO34sA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a6ns6EMZaAC6pqGpS71cOtwqUUZdZbC8TIZdbwbdDgKcS20DvV09ZabXGoPCD3eeGkr6eGAdEEE9YmBmavqO4IqEx; path=/; domain=.tribalfusion.com; expires=Mon, 29-Nov-2021 02:58:43 GMT; SameSite=None; Secure; ANON_ID_old=a6ns6EMZaAC6pqGpS71cOtwqUUZdZbC8TIZdbwbdDgKcS20DvV09ZabXGoPCD3eeGkr6eGAdEEE9YmBmavqO4IqEx; path=/; domain=.tribalfusion.com; expires=Mon, 29-Nov-2021 02:58:43 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6872ffabfa7b4e1a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 31 Aug 2021 02:58:43 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
3763
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aynoeURwEfUS2QVqs96Za2kUrvZbSpaijVn3oO34sA; path=/; domain=.tribalfusion.com; expires=Mon, 29-Nov-2021 02:58:43 GMT; SameSite=None; Secure; ANON_ID_old=aynoeURwEfUS2QVqs96Za2kUrvZbSpaijVn3oO34sA; path=/; domain=.tribalfusion.com; expires=Mon, 29-Nov-2021 02:58:43 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6872ffaa58e44e1a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 36E9
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 31 Aug 2021 02:58:42 GMT
via
1.1 varnish
x-served-by
cache-fra19148-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1630378723.860615,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 31-Aug-2022 02:58:42 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3d8b292c-a87c-48a6-b7a4-ada7f370658c-tuct8272062&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 31 Aug 2021 02:58:42 GMT
via
1.1 varnish
x-served-by
cache-fra19131-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1630378723.595004,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame 4C2B 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Tue, 31 Aug 2021 02:58:46 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 1C12
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Qwl8qbR21MkTZ35&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Qwl8qbR21MkTZ35&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Qwl8qbR21MkTZ35&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_594=17105-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003&KRTB&17107-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003; PUBMDCID=3; KRTBCOOKIE_409=22966-5oh7vQsH3i2FTP3k5vZxXZsy; PugT=1630378726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:Qwl8qbR21MkTZ35; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:46 GMT; path=/ PugT=1630378726; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:46 GMT; path=/
x-lat
lhrpug003:0:295
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Tue, 31 Aug 2021 02:58:45 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Qwl8qbR21MkTZ35&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-669-g517f080#rel-ec2-master i-0670be21af8977517@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=Qwl8qbR21MkTZ35; Domain=.w55c.net; Expires=Fri, 30-Sep-2022 02:58:46 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Thu, 30-Sep-2021 02:58:46 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame 967B 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Tue, 31 Aug 2021 02:58:46 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame FF0F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB587ED07B8340E0B98FA9D2E6B5A9BF
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB587ED07B8340E0B98FA9D2E6B5A9BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB587ED07B8340E0B98FA9D2E6B5A9BF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8; PUBMDCID=3; KRTBCOOKIE_153=19420-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu&KRTB&22979-nj5wJZFuJieFayF2nGxveJs-J3WFPXsgmm5T_VAu; KRTBCOOKIE_80=22987-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&16514-CAESEJEgpjpGFZuID1taZ7ICrqU&KRTB&23025-CAESEJEgpjpGFZuID1taZ7ICrqU; KRTBCOOKIE_57=22776-4047021949935290411; KRTBCOOKIE_377=6810-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&22918-103b18c4-d82b-45d3-b324-37cc26225d2a&KRTB&23031-103b18c4-d82b-45d3-b324-37cc26225d2a; KRTBCOOKIE_391=22924-9118664458665646425&KRTB&23263-9118664458665646425; KRTBCOOKIE_336=5844-5751815231257979321; KRTBCOOKIE_27=16735-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&16736-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&23019-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803&KRTB&23114-uid:2c55612d-9ae0-4800-bb4f-a75df13cf803; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YS2a4AAET_rhiQA4&KRTB&23194-YS2a4AAET_rhiQA4&KRTB&23209-YS2a4AAET_rhiQA4&KRTB&23244-YS2a4AAET_rhiQA4; KRTBCOOKIE_22=14911-7764677129612852222; SPugT=1630378721; chkChromeAb67Sec=2; DPSync3=1630454400%3A174%7C1631577600%3A201_197_219_221_226_227%7C1632960000%3A232; SyncRTB3=1631232000%3A63%7C1631664000%3A35%7C1632960000%3A203%7C1631577600%3A189_176_54_22_81_165_5_8_21_234_99_104_7_13_56_204_161_3_166_88_231_71_55_222_57_220_230_233%7C1630972800%3A2_15_223%7C1635552000%3A69; KRTBCOOKIE_466=16530-ddec21da-356c-47d3-904f-2da74b94bc48; PugT=1630378723; KRTBCOOKIE_1101=23040-7002423295386515603
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:43 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:43 GMT; path=/
x-lat
lhrpug014:0:275
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Tue, 31 Aug 2021 02:58:43 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB587ED07B8340E0B98FA9D2E6B5A9BF
set-cookie
suid=AB587ED07B8340E0B98FA9D2E6B5A9BF; Path=/; domain=simpli.fi; Expires=Thu, 01-Sep-22 02:58:43 GMT; SameSite=none; Secure; suid_legacy=AB587ED07B8340E0B98FA9D2E6B5A9BF; Path=/; domain=simpli.fi; Expires=Thu, 01-Sep-22 02:58:43 GMT; Secure;
expires
Mon, 30 Aug 2021 02:58:43 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 88EA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-LFovMIARGtSpAsjqU6T5Fn5QKs
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-LFovMIARGtSpAsjqU6T5Fn5QKs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-LFovMIARGtSpAsjqU6T5Fn5QKs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_594=17105-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003&KRTB&17107-RX-257e8cff-5c83-4bc5-a3b7-165a49ce6539-003; PUBMDCID=3; KRTBCOOKIE_409=22966-5oh7vQsH3i2FTP3k5vZxXZsy; PugT=1630378726; KRTBCOOKIE_1074=22956-e_fec5e4e4-bfb9-4657-9c5b-ce9ffe4dffcc; KRTBCOOKIE_107=1471-uid:Qwl8qbR21MkTZ35; KRTBCOOKIE_279=22890-5bc74f0b-0a07-11ec-ba3c-09af8c3825be&KRTB&23011-5bc74f0b-0a07-11ec-ba3c-09af8c3825be
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:58:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335--LFovMIARGtSpAsjqU6T5Fn5QKs; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:46 GMT; path=/ PugT=1630378726; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:58:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:58:46 GMT; path=/
x-lat
lhrpug011:0:437
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 31 Aug 2021 02:58:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-LFovMIARGtSpAsjqU6T5Fn5QKs
Set-Cookie
sa-user-id=s%3A0-f8b168bc-c200-446b-52a4-0b23a94e93e4.MJlfv9f3NkFtp9pMWEQOZwAMUGGOidjkcPhsgd8oYlg; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-f8b168bc-c200-446b-52a4-0b23a94e93e4%24ip%2489.249.64.171.bVB7%2BzoV5IR%2BGdO9R9zB5w8p2Rmh%2BFPbcTzz6yIyXD0; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&addseg=19,36,42
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:46 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Tue, 31 Aug 2021 02:58:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 2734
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:43 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:43 GMT
frontend-id
9
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2734 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6872ffa82a044e0d-FRA
access-control-allow-headers
*
content-length
95
/
loadm.exelator.com/load/ Frame 2734
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 31 Aug 2021 02:58:45 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=8B4EC3BE-AA14-4328-BCCF-1F66E820ACD8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5964268076335762879
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5964268076335762879
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:325
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:58:46 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5969942e-2c63-491f-afc0-36cbc721cf92
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5964268076335762879
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_fec5e4e4-bfb9-4657-9c5b-ce9ffe4dffcc
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_fec5e4e4-bfb9-4657-9c5b-ce9ffe4dffcc
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:398
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_fec5e4e4-bfb9-4657-9c5b-ce9ffe4dffcc
date
Tue, 31 Aug 2021 02:58:45 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 2734
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5bc74f0b-0a07-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5bc74f0b-0a07-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:438
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5bc74f0b-0a07-11ec-ba3c-09af8c3825be&gdpr=0&gdpr_consent=
Date
Tue, 31 Aug 2021 02:58:45 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5bc74f0c-0a07-11ec-ba3c-09af8c3825be
260073.js
a.th.giraff.io/data/ 		28 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260073.js?json=1&async=1&cs=utf-8&rand=0.6665966972426118&num=2&as=&nodupes=1&callback=callback7644692906543804
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
969b03e3082fbe1078200690783e454443b73cea2d68dd9a292cf733d9a9206d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:42 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
260071.js
a.th.giraff.io/data/ 		29 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260071.js?json=1&async=1&cs=utf-8&rand=0.870784606694452&num=2&as=&callback=callback45956067243624554
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
634d25803746e26c5ff2998a141b81b1e7dbd7baaaee81b3de99c547e811ef78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
260070.js
a.th.giraff.io/data/ 		28 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260070.js?json=1&async=1&cs=utf-8&rand=0.9857191805768557&num=3&as=&nodupes=1&callback=callback6817209456798372
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
95b852bbd835b61ef7b759f293de1fc5983189bdc26ebc41a9d837cd6f9d439c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
50x50-02.png
p3.isanook.com/sh/0/di/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/50x50-02.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
94f4b6b010394a7da60c8fa8789ef2b34cd3fb3180fccbdc5b600307aaeddd05

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 01 Mar 2013 10:59:59 GMT
server
Lego Server
etag
"51308a2f-4ba"
content-type
image/png
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17521402533388245252
accept-ranges
bytes
content-length
1210
1.gif
s.isanook.com/sr/0/images/emoji/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/1.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
35c9c1ae4c3df9a7f113edf895afee54e4908a1995c5254d4858c8bc470db8d0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 10:22:25 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"61277387-62e"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
17769896511832609627
accept-ranges
bytes
content-length
1582
expires
Mon, 27 Sep 2021 10:22:25 GMT
2.gif
s.isanook.com/sr/0/images/emoji/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/2.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
97a99e100778059aca0bd2216cef21af553a0f7cb0191143e027267c03a0e16e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:31:20 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"61277387-70c"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
7094184125592810063
accept-ranges
bytes
content-length
1804
expires
Mon, 27 Sep 2021 13:31:20 GMT
3.gif
s.isanook.com/sr/0/images/emoji/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/3.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1d19fca94525bced7ad4e7a82e7ed60df670cb0043062c36cc75251e9e27a8a2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 14:29:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:11 GMT
server
Lego Server
age
0
etag
"61277387-be5"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11400180034562127481
accept-ranges
bytes
content-length
3045
expires
Sun, 26 Sep 2021 14:29:28 GMT
4.gif
s.isanook.com/sr/0/images/emoji/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/4.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
6c813ea0c5e40673c9a5040635e44230d2a688474bc36855e426081667a5bbf7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 15:55:23 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:11 GMT
server
Lego Server
age
0
etag
"61277387-1381"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12863579210583411399
accept-ranges
bytes
content-length
4993
expires
Sat, 25 Sep 2021 15:55:23 GMT
5.gif
s.isanook.com/sr/0/images/emoji/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/5.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
29c0ef5ab2d6df4bbce3486256be8a0fc89966908b00f3aaf53f83b8d16d5424

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 01:33:55 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:10 GMT
server
Lego Server
age
0
etag
"61277386-d50"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15035124551862302586
accept-ranges
bytes
content-length
3408
expires
Sun, 26 Sep 2021 01:33:55 GMT
6.gif
s.isanook.com/sr/0/images/emoji/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/6.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
3d83e9c94493629c76a9e919230e2e4dd47c97256050d34c7cce1d2a4f684a98

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 14:29:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:11 GMT
server
Lego Server
age
0
etag
"61277387-efa"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000
x-nws-log-uuid
10639417876070412974
accept-ranges
bytes
content-length
3834
expires
Sun, 26 Sep 2021 14:29:38 GMT
7.gif
s.isanook.com/sr/0/images/emoji/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/7.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4c2cf1b884f877847a5a361cbe7a799a6727193c518eac90db1d0c14af9807aa

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 18:27:54 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"61277386-1f61"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
7702377200877392082
accept-ranges
bytes
content-length
8033
expires
Sat, 25 Sep 2021 18:27:54 GMT
8.gif
s.isanook.com/sr/0/images/emoji/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/8.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2ae88801801cbaf45f70192763e8c1f46ef2ef468396347614de2c822b574b4c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:38:12 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"61277387-748"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000
x-nws-log-uuid
9074828401634461673
accept-ranges
bytes
content-length
1864
expires
Tue, 28 Sep 2021 01:38:12 GMT
9.gif
s.isanook.com/sr/0/images/emoji/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/9.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bc95034afe6f2d45474187a2f3dc75afa93299f0e1571ec75eac14ecb562d818

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 16:09:50 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"61238b58-6c8"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
7367429551207506977
accept-ranges
bytes
content-length
1736
expires
Wed, 22 Sep 2021 16:09:50 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
076140e72d9bc811dc3fea615bfd16196a02e255a9326ae57c7f5c3ef00a1810

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
discussion2013.png
p4.isanook.com/sh/0/di/discussion/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4.isanook.com/sh/0/di/discussion/discussion2013.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
etag
W/"PSA-aj-hTdBBbAZpp"
content-type
image/png
cache-control
max-age=926033
x-nws-log-uuid
6598208278103736086
accept-ranges
bytes
content-length
15424
discussion2013.png
s.isanook.com/sr/0/images/discussion/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/discussion/discussion2013.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:08:41 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
0
etag
"61277384-3c40"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12230145741862527658
accept-ranges
bytes
content-length
15424
expires
Mon, 27 Sep 2021 08:08:41 GMT
260068.js
a.th.giraff.io/data/ 		29 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260068.js?json=1&async=1&cs=utf-8&rand=0.4650243242671386&num=3&as=&callback=callback04110586935768623
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
74a307407377f68e2cd3ec8ed3cb560a35e20087bd360052408d0a5592fe420f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
260074.js
a.th.giraff.io/data/ 		29 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260074.js?json=1&async=1&cs=utf-8&rand=0.6101291814305965&num=2&as=&callback=callback15930452541662965
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
41aae3bd4199496e584e6ba518bc16b40600cb9c951a8d4f972f788ca8d1cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
260068.js
a.th.giraff.io/data/ 		28 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/260068.js?json=1&async=1&cs=utf-8&rand=0.8659507893581755&num=3&as=&callback=callback3846774914654185
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-sanookcom-news.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.186 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
c960e22eccc5b0531904177a2cd18054952e315d682a18866fac7f8dc63cafd1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:44 GMT
content-encoding
gzip
allow
GET, POST, HEAD, OPTIONS
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
SPug
simage4.pubmatic.com/AdServer/ Frame 2734 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"a1a545c95f313a230157b47dca555c25"
x-amz-request-id
DM30SWKKVC6S9RTW
x-cache
HIT
content-length
9086
x-amz-id-2
PB2dZdkBAg3MOl6rQOIJs4rDAwkQxHHgoudypaqkid0YQ+oThDmxYru0sr4ENZXjvzCv3wU/M1w=
x-served-by
cache-fra19124-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1630378729.620045,VS0,VE0
date
Tue, 31 Aug 2021 02:58:48 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
15
syncframe
gum.criteo.com/ Frame 2D81 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.sanook.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4738
set-cookie
uid=761c4e5e-7724-4692-ba1c-6de790db52ca; expires=Sun, 25 Sep 2022 02:58:48 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Tue, 31 Aug 2021 02:58:48 GMT
content-length
4666
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021083001&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f07914a9311fe83f1275adc3702a2f996f0c1ae1a7dd3eefa099184d47b935d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8552
x-xss-protection
0
8f062114d3
bam.nr-data.net/1/ 		57 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=15536&ref=https://www.sanook.com/news/8435186/&be=3095&fe=15433&dc=3247&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1630378713163,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:539,%22c%22:539,%22s%22:620,%22ce%22:1387,%22rq%22:1387,%22rp%22:2168,%22rpe%22:2417,%22dl%22:2171,%22di%22:3246,%22ds%22:3246,%22de%22:3246,%22dc%22:15432,%22l%22:15432,%22le%22:15447%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=iso-8859-1
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:58:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:58:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F6BA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 30 Aug 2021 18:18:57 GMT
expires
Tue, 30 Aug 2022 18:18:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
31191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B0BC 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
247e245b32b687b8a9c1a2e1d066c3a6fca899432f81ef160a4d1bbe10578c68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bH5sy7TIViy0dbkjrW3tXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Tue, 31 Aug 2021 02:58:48 GMT
date
Tue, 31 Aug 2021 02:58:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-bH5sy7TIViy0dbkjrW3tXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
pagead2.googlesyndication.com/bg/ Frame F6BA 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 21:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
21349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13187
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 21:02:59 GMT
sanook-notification.1.0.3.min.js
s.isanook.com/no/1/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 14:33:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
2114
server
Lego Server
age
0
etag
W/"5d9c5150-842"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9821459499344770509
accept-ranges
bytes
content-length
1054
expires
Sat, 25 Sep 2021 14:33:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021083001&jk=3650423137310197&bg=!d3SldDDNAAZOkH6FTpA7ACkAdvg8Wl0XEV5-0gI3UDE89ejZI3gxYW8dRUrIuE29hAog8kukQmO-IQIAAABeUgAAAA1oAQcKADv3Ixh6MW_0UIHQOAr-lgsX1Kwe0s_QzR4EytmqLlnGXo5p74ZG23Ha3YrTCeKjJGFPEdHWScolgKvBopkCeSgcEBo1End2Bc3HMLF-OBK4Wqj8X-qlzA_6Ra9jo1aZUIBsMOJxSBmcMDbEwkX1C0E7jQ9fMDU-hqOvVMJ61th0DFUV1z9B9KPXz-4yPfLIbpIqMjZ5hwl8GoiIVbmuH7j6LNqtDD4sglT8yi-_u5Mvd9vFo5elsMtes3HCXFWcFBJfyAO2oL1RQ67Z0CI7J8Y2nfQdP-fxPnuCq0TGriAS2Mp2UYgjDErpk82DmBJCWfVaABz8eLvZ1iorwvAhLxhngnatRlXtldnEBgcxgbkzCq96HsnTT0RC0t5L6BGMssXJh0lOHho_MejbUNFVIwGbomeLpDvAB3WID-zH_sKS0uk3QyR5pzOluhIaVii5jtMtXBgrwTuZz0oKeWczoV4kK21qhKcHHWWsoDaGOJ8HfGW1D7QjtFq4zp9HgYk3m6OmwldQzlqT7FJynhVrS5mquhkBW5GKnhr4zS1x6h0xHbnv242gZCeN_VbJMepEpw2dyVDOA9hIQwiXN4Vbb4nR9_YVzjQasC42xI8mHuj9h_dGGMZ_mA6ml40LFBXXiB4bi_mNw1RuQLY56pHkNUMeTa09Pcyy3WTgev_92_9xSN9ArqNYAz7McyyJl2cglUphW8ZUQCLgN9GGPoNmlqiLeJIiOhOi4Dt32SueVjSnXiSoqSVL-Bi7XtTQ1UWlmHkqWvMQR7_WAZvg0n0QzoU5ZNlMoC8yc1QgeoueyuwQwvI5Zb-IkNiAq2H6vVET5ax__bwhy2kbDCQY6dr5r9S9LVMxw4FafiWxXZB-fqIAv8wzmUvhiI7tUdc3Ffw3p0TGPWyd_FBB7CRvZdFwwUaQiICpdkjcEg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/ 		3 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:07:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
3433
server
Lego Server
age
0
etag
W/"5d9c5105-d69"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
12976513974154443164
accept-ranges
bytes
content-length
825
expires
Tue, 28 Sep 2021 01:07:25 GMT
socket.io.min.1.0.js
s.isanook.com/no/1/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:06:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
43330
server
Lego Server
age
0
etag
W/"52393b2d-a942"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8243586839768682841
accept-ranges
bytes
content-length
13513
expires
Sun, 26 Sep 2021 12:06:26 GMT
json
gum.criteo.com/sid/ Frame 2D81 		436 B
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
da6f80546d3b99ef598273dce0c99c44c9aef9686a2cfff1133b212b97516560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 02:58:49 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2902
expires
0
/
notification.sanook.com/socket.io/1/ 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.sanook.com:9403/socket.io/1/?t=1630378734199
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8435186/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
203.151.133.55 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
55.134.151.203.sta.inet.co.th
Software
/
Resource Hash
758617cdb38dd60d647f49f92891b22fb39bad593d01ebd743ebecf0199c6926

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Tue, 31 Aug 2021 02:58:55 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082301&st=env
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVI7bNnp2vSbv1EAyfdsRbb5_2WMhtv1yOC_lGiJoxjIR3KGTN6vHbP8AGFAXt5yTjl1Qy8bwG4xRlGu9YkpkKMaUoEyOJ8VjwD9Z5jSzsoBHmQlUq&sig=Cg0ArKJSzGvqLhp0sUYUEAE&id=lidartos&mcvt=0&p=0,0,0,0&asp=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=4264991586&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1630378719581&rpt=1200&isd=0&lsd=0&r=u&ec=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmz4pfShXcRitoec4CI7NfX_1hlPqEb_xIcEXbKIn9b5WWwHt5PdTQT26Yi1W33_jccw0FwRttobxG4RzD_OBINoEC11O9SB2E61e5P0CPWEuW-8wI&sig=Cg0ArKJSzGcVJeJcTQ-gEAE&id=lidartos&mcvt=0&p=0,0,0,0&asp=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1630378720412&rpt=189&isd=0&lsd=0&r=u&ec=0

Verdicts & Comments Add Verdict or Comment

535 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| objGTMInitialValue object| smiData boolean| GTMFirstLoad object| dataLayer function| getPage boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq object| NREUM object| newrelic function| __nr_require object| PWT object| googletag string| deviceOS object| _izq object| criteo_pubtag object| criteo_pubtag_112 object| Criteo object| Criteo_112 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| google_optimize function| _UA-8147095-6_sendHitTask function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| innityDataLayer object| _comscore function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link function| udm_ object| ns_p object| COMSCORE object| ggeac object| google_js_reporting_queue object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| webpackJsonp object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| container undefined| _izAlt object| izConfig function| _izooto object| regeneratorRuntime object| __NEXT_DATA__ function| __BUILD_MANIFEST_CB object| __NEXT_P object| next object| __BUILD_MANIFEST function| __NEXT_PRELOADREADY string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal boolean| isLottoContent object| __consolidated_events_handlers__ boolean| snBillboardPlaceholder function| fbAsyncInit object| _taboola object| FB object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| billboardRefreshList object| scCGSHMRCache object| vttjs function| WebVTT object| Base64 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired boolean| giraffDebugInit object| giraff function| grf_change_article function| grf_run_widget function| cbGeo333093510 object| rvAgentPlayer string| rvApiKey string| rvApiEndpoint function| ResponsiveVoice object| responsiveVoice object| config boolean| splitTestEnabled boolean| splitTest_useGS function| GetRandomMsg function| getHiddenProp function| getVisibilityState function| isHidden function| isPrerendered boolean| prerenderUsed function| createCookie function| readCookie function| eraseCookie function| getOrCreateTest function| oneTimeTest function| trackEvent undefined| rvNotificationPopup function| hoverintent undefined| _grf_34326313547918863 undefined| VK undefined| ODKL function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| msgData number| time_interval number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult function| calcTime undefined| width undefined| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter object| machine_rules function| isInteger number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy function| myTimer number| myVar function| isVisible number| randomval1 number| network1 number| network2 number| percent1 number| namemc function| bidadjust1 number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| pbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop function| andbeyonddisps function| addListenerMulti boolean| idleStates object| idleTimers object| block_domain_creative string| pathurl12 number| geoindiablock function| callbackand0 function| $ string| DataCollectionObject function| datCol function| jQuery string| Ct string| At string| cd35 string| cd36 function| callback41800930921485246 object| adloox_pubint object| ignore object| jQuery18308613034076704307 function| callback31092488586405165 function| callback7644692906543804 function| callback45956067243624554 function| callback6817209456798372 function| callback04110586935768623 function| callback15930452541662965 function| callback3846774914654185 number| refreshval number| number5 number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 number| newflag number| diff number| flagnewone number| passivergptbillboard7 number| activergptbillboard7 number| time_refreshunitrgptbillboard7 number| nextnumberrgptbillboard7 number| passivergptleaderboard3 number| activergptleaderboard3 number| time_refreshunitrgptleaderboard3 number| nextnumberrgptleaderboard3 number| passivergptinviewarticle8 number| activergptinviewarticle8 number| time_refreshunitrgptinviewarticle8 number| nextnumberrgptinviewarticle8 number| passivergptreca4 number| activergptreca4 number| time_refreshunitrgptreca4 number| nextnumberrgptreca4 number| passivergpttower5 number| activergpttower5 number| time_refreshunitrgpttower5 number| nextnumberrgpttower5 number| passivergptinviewadrequest6 number| activergptinviewadrequest6 number| time_refreshunitrgptinviewadrequest6 number| nextnumberrgptinviewadrequest6 object| GoogleGcLKhOms object| google_image_requests object| SanookNotification object| io boolean| WEB_SOCKET_DISABLE_AUTO_INITIALIZATION

4 Cookies

Domain/Path Name / Value
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AADkPE7CWzYAAB-pZHeDog
.pubmatic.com/ Name: SPugT
Value: 1630378727
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 337DF811-FE62-4B2A-BB6B-C03A95CC7C9B

104 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/news.sanook/desktop/social/readpage/billboard".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://s.isanook.com/sr/0/_next/static/chunks/2be0d319d819306fce97e874e470fd03e07f4c5e.9000108fae36569ab5d5.js(Line 1)
Message:
Error: Bad response from server
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
ResponsiveVoice r1.6.1
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
isHidden: false
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Prerender: false
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: Enabling fallback mode
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: Enabling fallback mode
console-api info URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108170213000 https://www.sanook.com/news/8435186/
console-api log (Line 17564)
Message:
Country1DE
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Configuring

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6d00ba5207e9bad60d35193393cb2b25.safeframe.googlesyndication.com
a.giraff.io
a.teads.tv
a.th.giraff.io
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.u1sf.com
appx.sanook.com
as.innity.com
aud.pubmatic.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bcp.crwdcntrl.net
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
code.th.giraff.io
connect.facebook.net
connect.ok.ru
csync.loopme.me
d5p.de17a.com
data.th.giraff.io
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e708a1b2eb7ee529558f921728aa12d4.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.cloud.netacuity.com
googleads.g.doubleclick.net
graph.facebook.com
graph.sanook.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-agent.newrelic.com
js-sec.indexww.com
loada.exelator.com
loadm.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
notification.sanook.com
p.adlooxtracking.com
p3.isanook.com
p4.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.owneriq.net
rtb-eu.andbeyond.media
rtb.adentifi.com
rtb.gumgum.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssp.adriver.ru
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sanook.com
x.bidswitch.net
pagead2.googlesyndication.com
101.33.11.110
104.103.92.43
104.108.144.214
104.108.145.8
119.81.192.134
13.224.93.86
13.248.242.197
135.125.160.77
142.250.185.162
142.250.185.226
146.59.148.16
149.129.240.178
150.109.191.115
150.109.90.96
151.101.13.27
151.101.13.44
151.101.14.49
151.101.193.108
159.253.128.183
159.65.196.12
162.247.242.18
162.55.6.210
172.217.16.130
178.250.0.157
178.250.2.131
178.250.2.151
18.198.69.109
185.29.134.248
185.33.221.90
185.33.221.91
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.226
185.64.189.249
185.64.190.80
185.64.190.81
188.165.137.78
195.161.16.132
2001:4de0:ac18::1:a:2b
2001:678:cb4:bbbb::11
203.151.128.145
203.151.133.5
203.151.133.55
203.151.133.6
209.58.177.16
213.155.156.169
213.19.147.44
213.19.162.61
217.20.152.207
23.106.253.186
23.209.68.8
2606:4700:10::6816:4e7b
2606:4700:10::ac43:db6
2606:4700:3039::6815:c06d
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9d
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::300
3.121.111.29
3.123.143.157
3.126.56.137
34.107.231.31
34.204.22.100
34.232.92.67
34.251.173.19
34.253.111.115
34.98.107.212
35.156.165.31
35.201.96.126
35.241.40.233
35.244.159.8
35.244.174.68
37.157.4.28
38.27.122.126
38.91.45.7
52.201.149.59
52.44.213.11
52.46.133.124
52.49.238.187
54.236.185.42
54.36.109.186
54.77.78.130
54.78.254.47
61.91.93.188
66.155.71.150
69.173.144.139
72.251.241.206
77.243.60.138
77.245.57.78
81.222.128.214
85.114.159.118
87.240.190.67
88.221.7.65
92.122.26.214
92.123.21.100
01303e8a3ae5202215835a41361974001d3dd377d81dd248d8a7b04d8e295fb8
01d581ca675069c9743845725f5bca0f3fcfe3b55ece5605c53d7196d658d0a1
03751176989e20356e4d788db1a9eb6340fece610059ff1a584327b619771e3b
0464387ee82b37e9d2fe2be926c1e42e5a05acf1bf319cbed950509071f16e8f
076140e72d9bc811dc3fea615bfd16196a02e255a9326ae57c7f5c3ef00a1810
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0f79581e76662fc3566b2aa83867812c0bc33a8e619a7b38c79ece3a8e261f9a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
131b1d50ab454a7d5dbec1d9e95cfa391a3df469098a5675f41771b68575f30d
13542d9019e497c5f334a4865d73f4f28a17455388ba489c3d6a5f7c79ebe9fe
1381ddce722e71695f406ed6fc66bfb31653d1a8f631c9bbf6ee0ee4ee475379
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16873f3ca4427fdb235955bd52e9419dfdc5994c6341c2eddc1d65cf230169ca
180425af28d98940d88774e896fe688dcb33b41df94ac547989b4d41d6925f5c
181c45ddbce77208ff117d9ba2a408246a4f430fa273d4f0893e722939bbba0a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1bdfa9c643993d597a387f3d55294f33ea9da79a205c31237b14bf0075d77835
1c173a3c80e6dde8b7325baf95ddcb210c276eb19e809c44225d61c5e81b6d9d
1d19fca94525bced7ad4e7a82e7ed60df670cb0043062c36cc75251e9e27a8a2
1e0ee3c9c55e783ff1f0df953b235363c004ff40fc433ba5d085b1fc8aaad235
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
2168533bbcfe77296498d9ffd15e154f6d18f1e0e9a4083ce9c52286c8e96b78
2189b2ffa69fda833403071b6d1c9c2a803b560772bc7c38a8652efc10de0cf5
21f441ba86119d8bb0fd42599640a3eb41481afcda38d7fd86a982af12c892d1
22befe8ed8176cb89cbde1a4f93adce4bddb8de0a8e703f2c15366e6da968070
22db0197299c101eff614413ae53f2e9b440634500d2d084e47ad269ae247dbe
247e245b32b687b8a9c1a2e1d066c3a6fca899432f81ef160a4d1bbe10578c68
25b05137ee5f13c74e003f5caa99ed84778cec13bdf845c74fa28e62789d1741
25f169a66c777e53abd3573e27ea82e831d19a77de55454d78b76208f720b7e2
286165058d81e5000553b0363df366875623cc662ea4e2d285e399b267e78f3b
2997f00dd83f424df019122d13ea3f301d180d720e2977e8d81ffe0a5649e326
29c0ef5ab2d6df4bbce3486256be8a0fc89966908b00f3aaf53f83b8d16d5424
2ae88801801cbaf45f70192763e8c1f46ef2ef468396347614de2c822b574b4c
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1163d82a6d11895815dbb568079ea1a7bc7750e0e1dd16512508c3417a0061
2e6251295f2212910f888d9ac4b8676259664db5051d0883f322d622fe3244c3
2eb29862c80658c1650bcf34cca1763357c0f960942cbc1edc160b4f14c7e5eb
2eb9c3bf0c2b11644dba28a5035dc371dbd811e5c3a119d8846e101cd4496ad8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
318e21c9f1120efbce5b97bdc2cc4d2cbf27c7d4f38d07d94981303fd95443fe
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
35c9c1ae4c3df9a7f113edf895afee54e4908a1995c5254d4858c8bc470db8d0
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d83e9c94493629c76a9e919230e2e4dd47c97256050d34c7cce1d2a4f684a98
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4029e1cbbdd21124af3f32b42c297fc5420f64c899dce2a11b7fdbba17916688
41aae3bd4199496e584e6ba518bc16b40600cb9c951a8d4f972f788ca8d1cd78
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b
463952328dcbdef613d1c70cf251d9dc381db488f60e4bf3ccc19ec73afd127f
4658c9c8f3b1f30222d89e951695bfb98a40178a5d7011e1256febc7a03494ed
46ac864eaef04f0b4124dd8bda16a352d8287c4a9a8fa66bba86f5def26b3037
472f6e49b5f3cb5a2d9267e935f61debda47141148b4a79eeec7bdde83bd8932
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4a419da4e15c1456d0144e6d56ca896ab3dbff1ae73892fa90f4129afa4fa6a0
4b4d409cc05474f019fca53de775812a4915210a11765129709315bd4fcc596d
4b9e2d9cb3a553b04a4f89fa2b40485c31e04dcc0516589f7c1fb9f87a3435c1
4c0d1635c2f06d486e469fdd124f8162c52823ba5836252b7ed669a7c7c09bc6
4c2cf1b884f877847a5a361cbe7a799a6727193c518eac90db1d0c14af9807aa
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5091ccddc911eda04d7e5f42dd92550b526d21db1f44fe946ea66598e5e05186
5309d5462505e21f1e3517d52a754090e785dd9068e0962b493d95c70e5b90dc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54718d25d78e639528a3d10739e66f99e5c86d02bedef6bb62149a3607caff87
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556b54759c6cef79505607ce76cb1b45c1ea663582f337599d7c602b46e70a0c
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
560d336f09a1a9e4fd3e7ea57f537d001bf9203a0ee633f41d237ae9d90a77c5
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5a44bb0da76356746f2a4720dbdcb4c385e865b5a009f76fb252960532ccad17
5d13330dbce2dbafe2bdb832ef63516443d3c6687735d0f10a06b1ae8d1dd27e
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e5e144f8aed55b696b3268a6cca042d5065429e557713c29d6bc73575dc6148
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
61eaa2b6f8c640a70c883f049470e20855f7c63da9c0cf60aa1fbc12547ad905
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
634d25803746e26c5ff2998a141b81b1e7dbd7baaaee81b3de99c547e811ef78
635664c62c16fe2ab1476757c43e3018ca1a14e8f83dbad2ca843c08a0ec8898
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
66a0968d5f5a81b1805bea5fc0e4ff75d121aa195ec808ee95829aaf20154cba
6945240273217734a7abf2fced1ed5dbe2b8617d48b3133306ecb9f42ebe0856
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6abd3046d023dea7174ab5cf7614e1f44efd08ed1dbebddf0f86c38d806acc96
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c813ea0c5e40673c9a5040635e44230d2a688474bc36855e426081667a5bbf7
6e60332df508bd4c5951c3073c23b266ff306aafd7457226d7c58b4b7944d74e
7039a31cabdf37972bc95cdd885b69560a1a9353d063d1372d7c8407e846452d
70c43dce4a0660213c91932e6b1b2c2a4370402bdbf51206a877d0b8d92312e2
71ab8fc9615cfb5a1ac40096ff608cd2a3f59f0b9b568431771184c9859dab07
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
74a307407377f68e2cd3ec8ed3cb560a35e20087bd360052408d0a5592fe420f
758617cdb38dd60d647f49f92891b22fb39bad593d01ebd743ebecf0199c6926
76cf6ad6c4c47be06615bfb4b4ad77ca5226d605a708cb2fd7926d765de27fa0
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359
7897bc9a4066b2205e3c1ded3a9abebeccdceac176a7caccf3ca3655a3a65a4e
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7c97733cfcb2cf9c407d64412fa84f3204bd2f7148b0c9dac79153e00e0d808f
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7da6ca17349939c16f0a36047dda74941cc18fb314584cf8ffb4bb7f2453c843
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f0aa3993bb76cc8bc3666b2b5ebdf5e899c39f3d20ea5e231f938631f77e396
8272b272604f1866594b610450b7fe0ed9e36daed3a3d1d7ccc15f49bc3134ea
8291d78312b19f795793b32bfb8a532bba6c288e4515f60226afa5ce1b51d508
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b28f21efb067ab703e279905c471d2fd252b993dde8645cab0ff2a8e7e0d2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f3d5ef8f191d7ebea61b62a37928cfcf901b82bb4d4e748b0063ee070fbf16
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
86128b9ba700cc30d262ef818d0b1abbf894cac03dc67b1cd5b191363ba9c265
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87b2af840e9a29525b0ebf64fb3ce6e1c009fe1648c46bf252d3b03990be56bf
8b64b79dda8d774d63b1af9c94082312ba6f94472df616f30345fd0d14197aaa
8cd15eb98cd850f5ab18e9c33efb8d9e6753afe11b1770ec028df8a23eff6f6e
8d37f23647537d48ee4f0c05b8acdf093cb828fe3c5703653aedfdd5f88cde2d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
912a2a5c965b978ff6eff64babed7425b118952d1a3497c31ba77f06b42fc598
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
933da63d7005d410df6de52f3eb4b87fa7c74f6472b1f5c200d2a33d0a4440dd
94dfd4575f18abc94f25792fc2920463092432a4452fc02efaea02c9a7c1fe97
94f4b6b010394a7da60c8fa8789ef2b34cd3fb3180fccbdc5b600307aaeddd05
95b852bbd835b61ef7b759f293de1fc5983189bdc26ebc41a9d837cd6f9d439c
960e9c2e9773839ca0c3caa810c9d9432ed8f5bfd5d4a823abfff3b7bbcc1035
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a
969b03e3082fbe1078200690783e454443b73cea2d68dd9a292cf733d9a9206d
96a867861a1eacf26cfb2d56ac3de70c0b03e08ef133d1b74fe289720807c251
9784403bcb17571aac530afddf7fe9943d599301afc8d4797c9683549c5c9455
97a99e100778059aca0bd2216cef21af553a0f7cb0191143e027267c03a0e16e
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
9fcacc14bc2882b3699532796f84cf4d09fd4a10fe28595e45f15b579b1d454c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dd6d1a338ee6666d4479f8a436bca06fb273c809c21e94f1da92cc0ca4ce06
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a562490a96851c1f77bd1d7642f8ea9393080cc5a841060f95ed0db6a76f527e
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a746d91d960f078de71f6b4883764a7c1ed2171108bb8640148b6c7b24b4cd27
a7eacc62dc6aac904f6336909b56e5de062954de5bdffea3eb1205381baf9c4b
ab7a9e1dd7e6c7d5e3fa41ef5ff9c1fd12e0067c2b2875e6eb79a7bc6433658b
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac8eabec563ca7a5dbba47a05fcccbce4a38cf4dbdcf1c82d08312268044ff07
add959e269a4562dd13010ed646398d5a6156e11db1886292b5eee313b4fb373
ae78732b0174bbedb17ffb7d1f16e9f7fdcc272760e6eac5663f74c345a3a5e6
af712efc61813d77d225facc71be0c12bd82969827ecfb391cbdff18a1f7b67c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf
b6b92d79711a9cdc74b7dbc3732697dd3fed08458ed92915d4e59183e64fcab7
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
ba6c1060631a2610ac4bc8dbb565dc7fbea08f1a9295908cdf3baa7db0b1140a
bae4cac950d588663fe65c25cdb64f9dc56f7cc91ba97da63b134fb97d2ae7fd
bb8500c9f4f27b11b17d0ee7c21ffe58fa2a4cc06524f5a9a9a94743f9578677
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bc95034afe6f2d45474187a2f3dc75afa93299f0e1571ec75eac14ecb562d818
bed535e75d7dba5faa419ee99d7649ad132a2fff008c07c84887e904aae78ddc
bf8f1270e4fd19c15a5124f7cbbd1c04768916149fcde2bb6932d2a1a7ba747a
c094ef1f98c646cf0413d29db4278f571b05f0a686ecaa74c405833232397742
c09778e8a6f52094885727d8c19f5ebad50b297fe9bc09431f2b04505b6c47b3
c15422fde5b41648d49cbe2275e8fb3189c3dd669f788483204d97dae39c321d
c17b35a232e3339db946b717c561dbd2ff51d690a5cd5337fceff3db1d92d934
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5ae339001ea35b2ac8a76d3463e2340f2cd2514581215421519af2b42ef326b
c66d3c1707ef5a6d8aa22fadd8fb728fe74a0fb33c0a8b50506b56d0f1ded0a1
c6a956e7c71fd758fcdf3fb9b1c7509fc54d4c278fd0fed826e0d6a9dab8c990
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
c7824772a80a13b14b655587949e28bbd4334567e3deb600e4bb9324fe73ff8c
c8c555832866fc44c6671f90cf1b7789d180cece706459e225fd64036124ebe1
c960e22eccc5b0531904177a2cd18054952e315d682a18866fac7f8dc63cafd1
c9d1c829c2d3bf22b5fb4c886f6583ebaa8b1a2459c7f5b1a80f352d5381f571
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14ebb53fe6ab2ff75fed70e5c65265b05e1247e763c3519b2c930e44cf7b8f5
d151a6f61a6cce18812403026b537f78c196150373c6d2b81ec299bd7b99c30c
d16190d79aed6c40f9542f79e05ff925cac777331d0ebd1da581d39d5ae2a8e4
d26acdb9070a67b6023e8ac4ea0eb433c597ca85721c25cb0f89adddb776a5aa
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
d41b563ada9a172c523d64623347f1014d31637f1889e6863367c6d51eec78f2
d8405abefbd33ff333e343802dcc12751bd42a8f1b6524846420d09176d348ad
da6f80546d3b99ef598273dce0c99c44c9aef9686a2cfff1133b212b97516560
db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45
db33c4f990fbf4b25e7253b949eac346a83095d82af2ebfc72574c861a87a2c5
db40a93211c20b31afc72ed34161599ec4e6ec7495f43178d8cdf2608ed81575
dcc88c99f66fecaa3bda80d74854aa20e5d9299446e70f59b9312498f6026ee6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586
e2e8559a26e5b8b0e26447669be56fa8ee7e6042ebcbfbcb558a419d8a955177
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482a48fef03d183029fa2edf995fc8e9ce023f18649fd1d9149958e977068a1
e4edca477a3e92e3bf8b32baa35f82f864afd66745cb5a63514f3d1d5a0ca9f3
e6e790fe5ae0603bb0ab57ac266957351dadc71115473582a47b1f1c0554ca59
e797e6462933f52af1b67079a8cc218539822e9ab97f5c3a9b260821969fc5c1
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
e98ddc5a2fdd909b117ee2484be3b54f1e3eccc18e44e9cf88dbc2a96ffb4410
e9a7f88990e25e0fd3d4cc931050b9e17f4ac792808d3fcb35babb4a41a9275d
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
ed63b9c17c1a6c6b43e74af9537b5d0d1c0e72d752dad79cb66c44799eb9fb20
eece3fb4a6b84e42c970703aaad0668edf8d6b32c3a5ee7d0daac1c740f71421
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07914a9311fe83f1275adc3702a2f996f0c1ae1a7dd3eefa099184d47b935d5
f0f836070094fe0b492fc1dbac6b1d8c9db4155baf72f9c02205abb613209e0f
f37b1db68cffaa70e3a8f2ae9df52d0b2175543fa9603d05556c81fd9564ecbf
f3dbd491523a33c32738d4c32d863d3277547cef8fd931f41c34fe47157aaf06
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6ca9919b8e835115e0061f7586f2781b5de4d4280c22d6307cb7f8e681a2ba3
f7499ace47711e1d551810c1f8125288e98509a74f22065442f9c901ca8b18d5
f7ad4e45be8cd8b1ebe73e850287e1cff04483698c4520f98ac481955f796c73
f7f800828767f52f45419f4282f09bc06af7d6564742409b491236ae30f15c29
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e
fc5d359705d84854b9d91a3e590b31e8202b5930684d90cf46316c996055c947
fcc942a675641c96eece079db85a189e972920be57c558bdd7272e5d78d53a4c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e
fe4805d0c7438bd9feb48caf4c27f74c139b9a62d05a8470206bf2413c6d59dc
fe51be74fadc05d383c935ebb5082a288dc185e3da08fc18e0f38214b6b55ef3
febf4b6ea349ed45cc6573a84639d1b16b042b5160fa4a73fb2b4770ebada448
ff69603153e83257f05d58f640c9aaf13ba0079250a00f29994b6e4e3af2f490