urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
61.91.93.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://game.sanook.com/
Effective URL: https://www.sanook.com/game/
Submission: On August 31 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 12 countries across 70 domains to perform 349 HTTP transactions. The main IP is 61.91.93.188, located in Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 27th 2021. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 203.151.128.134 4618 (INET-TH-A...)
3 61.91.93.188 7470 (TRUEINTER...)
91 61.91.221.41 38082 (IIT-TIG-A...)
3 2a02:2638::3 44788 (ASN-CRITE...)
4 150.109.90.96 132203 (TENCENT-N...)
2 2a00:1450:400... 15169 (GOOGLE)
2 101.33.11.45 132203 (TENCENT-N...)
3 203.151.133.6 4618 (INET-TH-A...)
2 2a03:2880:f02... 32934 (FACEBOOK)
4 2.18.233.180 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
14 28 172.217.16.130 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
15 142.250.184.226 15169 (GOOGLE)
1 3 13.224.93.85 16509 (AMAZON-02)
3 104.92.102.247 16625 (AKAMAI-AS)
1 203.151.133.5 4618 (INET-TH-A...)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 178.250.2.131 44788 (ASN-CRITE...)
6 12 185.33.223.38 29990 (ASN-APPNEX)
2 2.18.232.7 16625 (AKAMAI-AS)
2 69.173.144.140 26667 (RUBICONPR...)
2 2.21.111.28 16625 (AKAMAI-AS)
2 77.245.57.78 36057 (WEBAIR-IN...)
12 34.98.64.218 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 119.81.192.134 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
2 2.18.232.130 16625 (AKAMAI-AS)
4 22 2.18.234.21 16625 (AKAMAI-AS)
2 104.117.200.100 16625 (AKAMAI-AS)
1 51.89.21.21 16276 (OVH)
1 2 52.209.129.133 16509 (AMAZON-02)
3 8 13.248.242.197 16509 (AMAZON-02)
1 185.64.189.115 62713 (AS-PUBMATIC)
7 8 37.157.4.39 198622 (ADFORM)
2 2 213.155.156.169 1299 (TELIANET ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
8 185.64.189.110 62713 (AS-PUBMATIC)
6 6 52.30.222.33 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.139.113 201081 (SMARTADSE...)
6 6 185.29.132.245 30419 (MEDIAMATH...)
3 185.64.189.114 62713 (AS-PUBMATIC)
3 3 51.222.80.231 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 159.253.128.188 36351 (SOFTLAYER)
3 3 3.126.56.137 16509 (AMAZON-02)
1 4 2a00:1288:110... 34010 (YAHOO-IRD)
3 3 2620:116:800d... 16509 (AMAZON-02)
6 6 54.93.122.90 16509 (AMAZON-02)
2 2 52.17.151.21 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
2 2 151.101.14.49 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 178.62.202.251 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 101.33.11.88 132203 (TENCENT-N...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.46.133.124 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
8 2a00:1450:400... 15169 (GOOGLE)
2 2 18.158.226.176 16509 (AMAZON-02)
2 2 51.178.20.140 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 35.156.165.31 16509 (AMAZON-02)
4 7 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 216.58.212.162 15169 (GOOGLE)
1 1 34.204.22.100 14618 (AMAZON-AES)
2 2 216.52.2.39 29791 (VOXEL-DOT...)
1 1 13.224.93.120 16509 (AMAZON-02)
1 1 34.251.138.107 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 185.64.190.82 62713 (AS-PUBMATIC)
1 34.249.175.116 16509 (AMAZON-02)
1 34.107.231.31 15169 (GOOGLE)
1 151.101.13.27 54113 (FASTLY)
1 162.247.242.18 23467 (NEWRELIC-...)
1 203.151.133.55 4618 (INET-TH-A...)
349 78
1    203.151.128.134 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 134.128.151.203.sta.inet.co.th
game.sanook.com
3    61.91.93.188 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-188.static.asianet.co.th
www.sanook.com
graph.sanook.com
91    61.91.221.41 (Bangkok, Thailand)

ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH)
PTR: 61-91-221-41.static.asianet.co.th
s.isanook.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    150.109.90.96 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
p3.isanook.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    101.33.11.45 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
lvs2.truehits.in.th
3    203.151.133.6 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th
sal.isanook.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
28    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
cm.g.doubleclick.net
8    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
15    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
3    13.224.93.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-85.zrh50.r.cloudfront.net
sb.scorecardresearch.com
3    104.92.102.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-102-247.deploy.static.akamaitechnologies.com
avd.innity.net
1    203.151.133.5 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 5.134.151.203.sta.inet.co.th
api.u1sf.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
12    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
2    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
12    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
4    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
22    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com
id5-sync.com
2    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
8    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.169 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    52.30.222.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-222-33.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
6    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
6    54.93.122.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    101.33.11.88 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
img-as.fsanook.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com
2    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
8    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    18.158.226.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
1    2606:4700:3039::6815:c06a (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    35.156.165.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-165-31.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
11    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
googleads4.g.doubleclick.net
ade.googlesyndication.com
1    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    13.224.93.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-120.zrh50.r.cloudfront.net
s.ad.smaato.net
1    34.251.138.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-138-107.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    34.249.175.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-175-116.eu-west-1.compute.amazonaws.com
global.cloud.netacuity.com
1    34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
1    203.151.133.55 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 55.134.151.203.sta.inet.co.th
notification.sanook.com
Apex Domain
Subdomains		 Transfer
98 isanook.com
s.isanook.com
p3.isanook.com
sal.isanook.com
3 MB
48 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
369 KB
31 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
simage4.pubmatic.com
265 KB
30 googlesyndication.com
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
tpc.googlesyndication.com
bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
165 KB
20 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
25 KB
14 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
44 KB
12 openx.net
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
12 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
8 KB
11 2mdn.net
s0.2mdn.net
454 KB
11 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
18 KB
11 google.com
www.google.com
adservice.google.com
2 KB
8 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
5 KB
8 adform.net
c1.adform.net
4 KB
8 adsrvr.org
match.adsrvr.org
3 KB
7 googletagservices.com
www.googletagservices.com
227 KB
6 bidswitch.net
x.bidswitch.net
2 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 bidr.io
match.prod.bidr.io
3 KB
5 google.de
www.google.de
adservice.google.de
568 B
5 sanook.com
game.sanook.com
www.sanook.com
graph.sanook.com
notification.sanook.com
41 KB
4 indexww.com
js-sec.indexww.com
4 KB
4 innity.com
avd.innity.com
2 KB
4 google-analytics.com
www.google-analytics.com
59 KB
3 owneriq.net
px.owneriq.net
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 innity.net
avd.innity.net
13 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 criteo.net
static.criteo.net
39 KB
2 3lift.com
eb2.3lift.com
945 B
2 lijit.com
ap.lijit.com
1 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 everesttech.net
sync-tm.everesttech.net
742 B
2 turn.com
ad.turn.com
943 B
2 avct.cloud
ads.avct.cloud
894 B
2 simpli.fi
um.simpli.fi
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
888 B
2 de17a.com
d5p.de17a.com
634 B
2 crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 andbeyond.media
rtb-eu.andbeyond.media
566 B
2 teads.tv
a.teads.tv
724 B
2 facebook.com
www.facebook.com
106 B
2 googleadservices.com
www.googleadservices.com
15 KB
2 facebook.net
connect.facebook.net
113 KB
2 truehits.in.th
lvs2.truehits.in.th
4 KB
2 googletagmanager.com
www.googletagmanager.com
97 KB
1 nr-data.net
bam.nr-data.net
278 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 adlooxtracking.com
p.adlooxtracking.com
4 KB
1 netacuity.com
global.cloud.netacuity.com
435 B
1 jquery.com
code.jquery.com
30 KB
1 yieldmo.com
ads.yieldmo.com
462 B
1 smaato.net
s.ad.smaato.net
692 B
1 stackadapt.com
sync.srv.stackadapt.com
728 B
1 googleapis.com
ajax.googleapis.com
30 KB
1 rlcdn.com
id.rlcdn.com
42 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
311 B
1 ad4m.at
ad4m.at
1 google.ch
adservice.google.ch
853 B
1 fsanook.com
img-as.fsanook.com
50 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 smartadserver.com
rtb-csync.smartadserver.com
753 B
1 contextweb.com
bh.contextweb.com
794 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 id5-sync.com
id5-sync.com
532 B
1 u1sf.com
api.u1sf.com
430 B
349 70
Domain Requested by
91 s.isanook.com www.sanook.com
s.isanook.com
26 cm.g.doubleclick.net 14 redirects eu-u.openx.net
www.sanook.com
googleads.g.doubleclick.net
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
15 pagead2.googlesyndication.com b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
www.sanook.com
15 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
securepubads.g.doubleclick.net
13 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
11 s0.2mdn.net www.sanook.com
s0.2mdn.net
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
11 ib.adnxs.com 5 redirects www.sanook.com
acdn.adnxs.com
8 simage2.pubmatic.com ads.pubmatic.com
8 c1.adform.net 7 redirects ads.pubmatic.com
8 match.adsrvr.org 3 redirects www.sanook.com
eu-u.openx.net
ssum-sec.casalemedia.com
8 www.google.com 1 redirects www.sanook.com
securepubads.g.doubleclick.net
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 image2.pubmatic.com ads.pubmatic.com
7 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
6 x.bidswitch.net 6 redirects
6 sync.mathtag.com 6 redirects
6 match.prod.bidr.io 6 redirects
6 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
4 t.pubmatic.com www.sanook.com
4 token.rubiconproject.com 4 redirects
4 us-u.openx.net eu-u.openx.net
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
4 avd.innity.com avd.innity.net
www.sanook.com
4 bidder.criteo.com www.sanook.com
static.criteo.net
4 hbopenbid.pubmatic.com www.sanook.com
4 gum.criteo.com 2 redirects static.criteo.net
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
www.sanook.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.sanook.com
4 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
4 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
3 pixel.rubiconproject.com www.sanook.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 pixel.quantserve.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 pixel.onaudience.com 3 redirects
3 adservice.google.com securepubads.g.doubleclick.net
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 mug.criteo.com www.sanook.com
3 www.google.de www.sanook.com
3 sal.isanook.com www.sanook.com
3 static.criteo.net www.sanook.com
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 googleads4.g.doubleclick.net www.sanook.com
2 gu.dyntrk.com 2 redirects
2 pm.w55c.net 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.turn.com 2 redirects
2 ads.avct.cloud 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 acdn.adnxs.com ads.pubmatic.com
2 b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 tencentth-d.openx.net www.sanook.com
2 rtb-eu.andbeyond.media www.sanook.com
2 htlb.casalemedia.com www.sanook.com
2 fastlane.rubiconproject.com www.sanook.com
2 a.teads.tv www.sanook.com
2 graph.sanook.com s.isanook.com
2 www.facebook.com www.sanook.com
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 www.googletagmanager.com www.sanook.com
www.googletagmanager.com
1 notification.sanook.com www.sanook.com
1 ade.googlesyndication.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 p.adlooxtracking.com www.sanook.com
1 simage4.pubmatic.com ads.pubmatic.com
1 global.cloud.netacuity.com www.sanook.com
1 code.jquery.com www.sanook.com
1 ads.yieldmo.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 id.rlcdn.com www.sanook.com
1 ads.yahoo.com www.sanook.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.ch securepubads.g.doubleclick.net
1 img-as.fsanook.com securepubads.g.doubleclick.net
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 id.crwdcntrl.net www.sanook.com
1 id5-sync.com www.sanook.com
1 api.u1sf.com s.isanook.com
1 stats.g.doubleclick.net www.sanook.com
1 www.sanook.com
1 game.sanook.com 1 redirects
349 109
Subject Issuer Validity Valid
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-27 -
2022-06-27		 a year crt.sh
*.isanook.com
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-02-12 -
2022-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.u1sf.com
DigiCert SHA2 Secure Server CA		 2020-01-21 -
2022-03-16		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2021-02-22 -
2022-03-26		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.fsanook.com
DigiCert SHA2 Secure Server CA		 2019-09-19 -
2021-12-22		 2 years crt.sh
*.google.ch
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.cloud.netacuity.com
Amazon		 2021-04-11 -
2022-05-10		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-05 -
2022-06-06		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 34 frames:

Primary Page: https://www.sanook.com/game/
Frame ID: BD37710CDF3F47540600F0BDC6CF93F4
Requests: 185 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: CFA633FF26D7F4B2E2E71F83FAEB9966
Requests: 2 HTTP requests in this frame

Frame: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B836275C97310C589C4E707613802BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 013B29D1CED978E30257D57D4C881260
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 32D095B6319E1FCC1393E7742E4B46C8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyf8eNWFSVe9kqsnmFPOgkeRg3zH-km0kaEdfk_HRNvVSAJfO0T7Fzj73YFNU1JVwUVcsFOFzxQ40UsqKEnA8Xv4xOu7gYWBkvh7d9A_4GJmQYMjvgLLUUZVry7NFkvVaqxCkYukg-UFdv59-tK9aBH5gcwXIus3azyb5Wok8d9Bi-hNfKdE_CkCesM-T91i_cX0mFHqNI0pQs0squcUpG-ntRkBIozsuKkDKfSXtrUNf0hxVqrp_NmUGy1McZwlQfo70TfBAFPLVrNiRlINcxjv35tPoz7w5HOsfbTDoymWUPU5zmmhPY-q83SIq9tY1wBuigxK2asbinacZ3zYk_iINwJw&sai=AMfl-YSAg2zMahHkjN8LYlI3LSoKUEkAdVm2_83s59n_DPiFYljSnTx2qyqdkaTElwvImx64Oq6bLdMU2RarlC3wOCSPA_4G4qy66vHG56aNZQYxY8ccF1vhaQGSggzqZYU&sig=Cg0ArKJSzDTIzrLdITW2EAE&urlfix=1&adurl=
Frame ID: E576248E24431D7B7286D09038048081
Requests: 12 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 5FAD3270254C1BA83CE06CA1F44CC2BF
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AEFA04F1A128B1D99A22D99771D7E0F5
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AE38B2F1D71C1A0B25836CB8AE7D4B1C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8550500BCFC6C78BD6B860539DF9A5EE
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 39F0E26EE22FB29A92C65C1FCA2E2CAD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 47539F21D866F466FBDC996B8EA13896
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D755E5B77016DA138A819C084F8D886B
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B
Frame ID: 1DC05BC563297AEFB819734547727679
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687683238581355749
Frame ID: 9BBB1B065F3F235B6A311FD343B1AE99
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 53B15297B950C42070B4DE99A0BB45D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002492891084617876
Frame ID: F8092408AB65BE4465A36B0543B406B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADy8E7CW7QAABujY7smPQ
Frame ID: 58D0C6DB0824B336F715006F3802F639
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4AB754D5FE1656E8FA2E782D618B22C1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4FBDA4E64F03E06F5F9B73252E9F7B61
Requests: 10 HTTP requests in this frame

Frame: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 594E873654801D05F650AB4257555848
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste98cCpDCSt-bBtYvSksWvIXaYEl8_Yx3Ji2al8twATLaJmQoI6Sk4BoAAIULdHzyyjJQrEBV1_9CetiMQGlHULtuyhE2lM6b8w3aJJ309higJJZV2uCdwpgXKNir6DLs_sQMqAJcd-SOEe5Zdo-xiDFq1cvv5anVTAAMfFyqC4CKPoDLHeoA28jadtHF4cAc9ugxtsholS_9MwCBquyKBVJH3EGxz1iNFCr-754OsBC5g-PPblFIthVy0hwO-UfXfAdyotkcfu1AYWT7D4Q_J4SimjUYsEGH8rKn63Ooovk7F6qabwUkUkWaZSAIB9ZNRmXn15AMN5QzCqtJTCA&sig=Cg0ArKJSzO7knFwSXt7jEAE&adurl=
Frame ID: 313ED127550002A87B5EA378B9A7E577
Requests: 9 HTTP requests in this frame

Frame: https://bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1219D4C3EA0E244E074F7D91B8517D67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMW7lQEQ4oWWARjBg-VRMAE&v=APEucNWcjYFD1oyuGmVHHh79wOwa2r5TmTGFUZUnfwtr71atjkTJb4yNmg0pAuh5AYghf_O5ZiAWDuG53oojUNbUbOGq55YH4A
Frame ID: C895DC0CD4380E6EEBD07B3EB99AA997
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-VfVQONPjquPM3395An7LNzXkIk5qW3Zj07-W5SNo38KlcLQZN7dWangL1WetZJOBTMswde4H5q4FEXzLpOFFUP4wCbPzbiVvEEswsT5gohr-o0MAiUBEL_mlVxqthpU7xHtQqgde2jHzZNkBtJxTVXiiosp7HxEUr4YgevSAIhwI1X0BOM79UwlVFpwlpr179CjY241Us_ikxkz5DG-7-VsOwoDwfbtmp35Xd32HTmITV38QNtOQfjqMJ8elcOQNg1yqOz7Lusft-OKAsjQGxdeL9Qt3tvLOxTBc3uto5vXEaUhiCzyvPdPFzKZt&sig=Cg0ArKJSzNkgzY0Ky1SfEAE&urlfix=1&adurl=
Frame ID: CAEF210B834DE5F536EA929B83DD31CC
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
Frame ID: B9E44FC012473FFEB0F8E2BDFB78997F
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC56DD3162C38C453BB4F8ADE0CBC9BE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2893F6A49CB3B5E2DE678048D92839A8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2CA3F5C5DEF5D514D619056D347897C3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 870564E1FF46B73281C2C4D97F5BB40C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: A0C1D8BDA4E8353654FDB58E3C329356
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: A11D84168B4E848FF681F1494A04853C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8ACE69D10AFAFC0E6BC2F2A710B7AC6D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2498111C162738DA2202F846685A3DE9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

เกมส์ เกมออนไลน์ใหม่ เกมมือถือ เล่นเกมฟรี

Page URL History Show full URLs

  1. http://game.sanook.com/ HTTP 301
    https://www.sanook.com/game/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

349
Requests

99 %
HTTPS

33 %
IPv6

70
Domains

109
Subdomains

78
IPs

12
Countries

5447 kB
Transfer

13295 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://game.sanook.com/ HTTP 301
    https://www.sanook.com/game/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&auid=2065361516.1630394925&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LdotYebRHtqEgAfnzY7oAw&sscte=1&crd=&eitems=ChAI8Ka3iQYQ-JiYhYKX484xEh0A7I6xo31q7cKjVzEzIg_mJk0u5oIjAzyS13gJGA HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&auid=2065361516.1630394925&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LdotYebRHtqEgAfnzY7oAw&cid=CAQSKQCNIrLMhYx5niV-7qE2auLnukYpmXPg4FbI2g5c52M2xiV9XwiqFepz&eitems=ChAI8Ka3iQYQ-JiYhYKX484xEh0A7I6xo9gDJIKBJR0rEfkQgRw22Lk3DMT-0m1eGg&random=3473885834&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&auid=2065361516.1630394925&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LdotYebRHtqEgAfnzY7oAw&cid=CAQSKQCNIrLMhYx5niV-7qE2auLnukYpmXPg4FbI2g5c52M2xiV9XwiqFepz&eitems=ChAI8Ka3iQYQ-JiYhYKX484xEh0A7I6xo9gDJIKBJR0rEfkQgRw22Lk3DMT-0m1eGg&random=3473885834&resp=GooglemKTybQhCsO&ipr=y
Request Chain 102
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=OnSZInx3VElMbFVrb3BveVo4L2orNXFRV01xYlNDYmZFUzVYREpPNFBMZ0RVSkZFOUtmaHh3STE4aGFtcTdRRkFvS1ZycW1sL3ArbHBLL0dzN2xML3M1UmNGVGJnTnpaK1NTdnJ0clFQMXlNZTMzWXlzZEFNOHM2aC9yM25OQlpkRkFtTC9DWXNhNzZ3dUhTbXZpY05MRS9adlFDYXZtbzQ5V1J5VGRLcUNlZ0dUTkVQYmlIMjkzaFFhZ0dPd1VlVFlRZGxsMjFUdWVKdzF0c2FxNmVKeUVQMVhsQnVNcGZaajIrQUlYU09oMGxyekh3PXw&cppv=2
Request Chain 110
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1630394926485&ns_c=UTF-8&cv=3.5&c8=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&c7=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630394926485&ns_c=UTF-8&cv=3.5&c8=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&c7=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&c9=
Request Chain 183
  • https://c1.adform.net/serving/cookie/match?party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B
Request Chain 184
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687683238581355749
Request Chain 186
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002492891084617876
Request Chain 187
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeThFN0NXN1FBQUJ1alk3c21QUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADy8E7CW7QAABujY7smPQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADy8E7CW7QAABujY7smPQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADy8E7CW7QAABujY7smPQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=19684702925209638 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADy8E7CW7QAABujY7smPQ
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IOvNFVB-QdWqzsyw1Il0ew%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 189
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2142612d-da2f-4500-8f22-3f47f3ddea92
Request Chain 190
  • https://pixel.onaudience.com/?partner=214&mapped=20EBCD15-507E-41D5-AACE-CCB0D489747B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=4e034d5d-e3da-43f9-b3d1-b45a151413b0&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5570c5bd618c535b2baae1f834857089 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=370b8aba22af6b98 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c32d13be-9e05-406d-4701-a08c813d0270&reqId=e714b161-47a0-46ee-5bcd-f4043b0abd47&zcluid=370b8aba22af6b98&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJKntKPuIaS52_62ZcHnVKQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c32d13be-9e05-406d-4701-a08c813d0270&reqId=e714b161-47a0-46ee-5bcd-f4043b0abd47&zcluid=370b8aba22af6b98&zdid=1332
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjBFQkNEMTUtNTA3RS00MUQ1LUFBQ0UtQ0NCMEQ0ODk3NDdC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMvgYxzwJSJfxFEORWHnZO4&google_cver=1
Request Chain 194
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1228675886115935960
Request Chain 195
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:be5b612d-da2f-4a00-9a83-1350165ce452&gdpr=0&gdpr_consent=
Request Chain 196
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4e034d5d-e3da-43f9-b3d1-b45a151413b0
Request Chain 197
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3733736052381167460&gdpr=0&gdpr_consent=
Request Chain 198
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20EBCD15-507E-41D5-AACE-CCB0D489747B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20EBCD15-507E-41D5-AACE-CCB0D489747B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XoBpUjZE2uVikupbMaxhfN7Pk_.w2Qk-~A&gdpr=0&gdpr_consent=
Request Chain 200
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fHwqsi4sKrBnKS_ue38153opIONnKX3vLHS12tiZ
Request Chain 201
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4eb6fe09-2b78-41c7-be36-2cf03f87e0af&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1bf93b4b-bb72-411d-a72c-2d428395ae7c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 202
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700383727650159174&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 203
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YS3aMAAEUE2w1gA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3aMAAEUE2w1gA4&gdpr=0&gdpr_consent=&_test=YS3aMAAEUE2w1gA4
Request Chain 205
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=af0d14b0-cbc6-4f0e-b49b-4b995b63e42e-612dda31-4348&gdpr=0&gdpr_consent=
Request Chain 206
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6342970-e2c2-4f0c-aadd-00ef5702df1d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 207
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49c6612d-da2f-4200-9f7f-73a79d51deb1
Request Chain 208
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ZHoJMjYqCTB_LwxuY3kWZ2IvA2N_L15vNHL6juZ-
Request Chain 209
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8745612d-da2f-4e00-92e9-6bcc64853ed0
Request Chain 214
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_xM5rq1DOazkRjz8qkAmrK0RbvnkGzioqkD8MGFG
Request Chain 215
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
Request Chain 220
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECAHS8Fn3Kc2r748w-dWdCI&google_cver=1
Request Chain 237
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS3aL-to.p60hZwz5hQ3kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
Request Chain 238
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&dcc=t
Request Chain 239
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836813282094665405&uid=Q6836813282094665405&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 240
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=49c6612d-da2f-4200-9f7f-73a79d51deb1
Request Chain 241
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3733736052381167460
Request Chain 242
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB
Request Chain 252
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3733736052381167460
Request Chain 254
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADy8E7CW7QAABujY7smPQ&expiration=1631604528
Request Chain 255
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700383727650159174
Request Chain 256
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0JTqV1a01MkYcr5 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0JTqV1a01MkYcr5&C=1
Request Chain 257
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_612dda334fe9f&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_612dda334fe9f HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_612dda334fe9f&C=1
Request Chain 259
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=1bf93b4b-bb72-411d-a72c-2d428395ae7c&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_eb00efdb-14e2-42b6-92f1-ed2ccac8f1d5&bsw_param=1bf93b4b-bb72-411d-a72c-2d428395ae7c&expires=10 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=1bf93b4b-bb72-411d-a72c-2d428395ae7c
Request Chain 261
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaUjFMREctMVotMUIwRg==
Request Chain 263
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjOTg4OGUwZWM4MThmNjlkODY0ZDU5OWUwMGEyODg3M2RlYTZmMA
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkzkrITHwX1Ky5cWcAeidM&google_cver=1
Request Chain 265
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZR1LDG-1Z-1B0F&sigv=1&esig=2~f4f4687531bfeb26bd58f8053c7b8fc16c7589d7
Request Chain 266
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xwXIrLfirC5kpKjEF28u88n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=74534533770410898
Request Chain 267
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=49c6612d-da2f-4200-9f7f-73a79d51deb1
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1
Request Chain 272
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS3aL-to.p60hZwz5hQ3kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
Request Chain 289
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1630394928420 HTTP 302
  • https://avd.innity.com/sync/?partner=appnexus&token=3733736052381167460&type=cookie&itmcb=1630394928420
Request Chain 295
  • https://um.simpli.fi/gp_match?google_gid=CAESENLdeC9s994iaSkcZZWyEDU&google_cver=1&google_push=AYg5qPJUP8GaP3HBcvbikG1WmUiYfYwon8qEQssZhrXzzvTPd-EhlVNA8nhDf1qT3dTP7eKCDbHCNMCbsNheoKiNFdU7Cpj6hfe2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AAACC6B71414737AAEAE28FB18AB480&google_push=AYg5qPJUP8GaP3HBcvbikG1WmUiYfYwon8qEQssZhrXzzvTPd-EhlVNA8nhDf1qT3dTP7eKCDbHCNMCbsNheoKiNFdU7Cpj6hfe2
Request Chain 296
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECjAZp35RDOlCA3AvRMMaLM&google_cver=1&google_push=AYg5qPKoBy_BrJ4173lF4-OVQCtHxcFBZE8Jufg5UT2J26dEpQAqZPYLTUpgnyVCOpdPztZM09xUPxo3pw9apKVRwIvsxnbr2v8T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jn_7gI3FTupT9idPz9dWtluEiFY&google_push=AYg5qPKoBy_BrJ4173lF4-OVQCtHxcFBZE8Jufg5UT2J26dEpQAqZPYLTUpgnyVCOpdPztZM09xUPxo3pw9apKVRwIvsxnbr2v8T
Request Chain 297
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMnjmX9XHayCphm1M9nolMw&google_cver=1&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMnjmX9XHayCphm1M9nolMw&google_cver=1&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI&google_hm=3fc1363c1d69b38ad49208b6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI&google_hm=3fc1363c1d69b38ad49208b6&google_tc=
Request Chain 298
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF36DwxDE_DgPJ5R3IXzBxg&google_cver=1&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDdqGYYl94Eh5aTQD0Kjk0NEyf6xYTyQ5EJBhuhkaorJNZUNUqOXjh12oQSYdE6FfDLfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d928b2f41614c8353898&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDdqGYYl94Eh5aTQD0Kjk0NEyf6xYTyQ5EJBhuhkaorJNZUNUqOXjh12oQSYdE6FfDLfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d928b2f41614c8353898&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDdqGYYl94Eh5aTQD0Kjk0NEyf6xYTyQ5EJBhuhkaorJNZUNUqOXjh12oQSYdE6FfDLfg&google_tc=
Request Chain 299
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELHcwHh9hCNzw7GHJZaIziw&google_cver=1&google_push=AYg5qPLauWZzlCN08dIV22QPLrxjUAO5Z24VOe-6QY0oD7npleRd88bTsLF7yhMTG050f003p-Wn-Ag9rXhUgc8Wa01y8q0MTpbr2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPLauWZzlCN08dIV22QPLrxjUAO5Z24VOe-6QY0oD7npleRd88bTsLF7yhMTG050f003p-Wn-Ag9rXhUgc8Wa01y8q0MTpbr2A&google_hm=ZzE2OGMwYjM1MTY2MDM1MjhiYzA=
Request Chain 300
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDMbfdQwbNTvNatGVbdZcg0&google_cver=1&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDNsktqoqrdUYCCszNNqvttczcOiaKrFWPgZ2okgPiA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDNsktqoqrdUYCCszNNqvttczcOiaKrFWPgZ2okgPiA&google_gid=CAESEDMbfdQwbNTvNatGVbdZcg0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0NjQ0NzQ5MDg0OTc0MDg5MTE%3D&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDNsktqoqrdUYCCszNNqvttczcOiaKrFWPgZ2okgPiA
Request Chain 301
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEJmUw7PiYCg4ZPk2eXGf-ug&google_cver=1&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc=
Request Chain 338
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=g5zBgXxoWlErbFhyNXptNnMwMnkwdStleEUzdE5oeTJDSkNZSXE5QzhXV1FIQ2w5ckhyTlk2QU9EQnlGQjgrV3BhYnRXbUpGY3JOc0w2SHBJRElnekFYemFkMFhQenRRNlBDUWpSOVlBazFsakpFcThMZFBobm9jYkZVZXVzTWRLekF5Q253Uk5QN2FYVEVKbkRzZHBEY1p4WUx5bmtnM3RwQUJSMFFodkhxcHVmTTNVTGE3ODdyNFgrZ1JkV3JUSloyUWNSUkJLWGdWSktXeVFuR2FPcUM1aWsyRHBOL3U5NGpyMjhjc2lDbER1L1VNKzczcnVQSWhpZ1FrL2YrSXhGdURXWU5hekhPa2ZjdEZRak9CZCtqQjMrZz09fA&cppv=2

349 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/game/
Redirect Chain
  • http://game.sanook.com/
  • https://www.sanook.com/game/
296 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
d1d3f52372b240c7d567c84796b02f25ae93bb190a0d726120dd1f8dc88523b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Host
www.sanook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
nginx
Date
Tue, 31 Aug 2021 07:28:44 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
SN-Cache-Status
HIT
X-Ua-Device
desktop
X-Ua-Type
human
X-Ua-Key
cover_display
X-Ua-Exp
notset
X-Ua-isExpReadpage
0
X-Ua-shouldPass
0
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;

Redirect headers

Date
Tue, 31 Aug 2021 07:22:17 GMT
Location
https://www.sanook.com/game/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
195
Content-Type
text/html; charset=iso-8859-1
Age
385
Connection
keep-alive
styles.4af493dc.chunk.css
s.isanook.com/sr/0/_next/static/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/styles.4af493dc.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 07:57:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
35704
server
Lego Server
age
0
etag
W/"6127737e-8b78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
10314403119956716258
accept-ranges
bytes
content-length
7388
expires
Mon, 27 Sep 2021 07:57:52 GMT
category.js.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/static/San4Xsdy9aLUgv4S5czLl/pages/common/category.js.b1d1731c.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
ce11179ccf594346d325caa4819473a0145b816d50e6312478ef59c836033275

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:52:16 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
7115
server
Lego Server
age
0
etag
W/"PSA-aj-9D0e2Q0rSr"
vary
Accept-Encoding, User-Agent,Save-Data
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
6836580923201980537
accept-ranges
bytes
content-length
1655
expires
Sun, 26 Sep 2021 09:46:59 GMT
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 20:51:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3330621584488250901
accept-ranges
bytes
content-length
550
expires
Mon, 27 Sep 2021 20:51:59 GMT
publishertag.js
static.criteo.net/js/ld/ 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:03 GMT
server
nginx
etag
W/"6115450b-1d808"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Sep 2021 07:28:45 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		319 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
etag
W/"PSA-aj-wjZq0flWx2"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14511527941986710449
accept-ranges
bytes
content-length
239
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		0
0
FloatingIcon.png
s.isanook.com/sr/0/images/sport/events/paralympics2020/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/sport/events/paralympics2020/FloatingIcon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
8ca84095025b024952aee1f4000a3ffa5dd0321987688526f57d926d90d179ba

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 07:22:58 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
"61277389-c868"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
18158368146354453084
accept-ranges
bytes
content-length
51304
expires
Tue, 28 Sep 2021 07:22:58 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2NTcvcHViZ21vYmlsZSgxKS5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w535h321/ya0xa0m1w0/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2NTcvcHViZ21vYmlsZSgxKS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
6970c548045e9fde9a1b4f04418a8efbdd39bbb53040b099fb804c1441098339

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:23:02 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16375524481928956802
accept-ranges
bytes
content-length
51201
expires
Thu, 30 Sep 2021 06:23:02 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2MzMvY2hpbmEoMSkuanBn.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2MzMvY2hpbmEoMSkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
889f512c16e8de291c2e9453fa060f4aa809d658f1a022e58372cbd4ea9bbfd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:23:02 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13381188645409561234
accept-ranges
bytes
content-length
6832
expires
Thu, 30 Sep 2021 06:23:02 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1OTMvZ2Vuc2hpbl9pbXBhY3RfMi5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1OTMvZ2Vuc2hpbl9pbXBhY3RfMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
b666d84f40157beb87568560827c6d0aaa0ebe272125cef5e82567b5d7134e4e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 05:43:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-AL1J1sYIE6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7654593479039763556
accept-ranges
bytes
content-length
6628
expires
Thu, 30 Sep 2021 05:43:13 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2MDkvcmVzaWRlbnRfZXZpbF93ZWxjb21lX3JhY2Nvb24uanBn.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2MDkvcmVzaWRlbnRfZXZpbF93ZWxjb21lX3JhY2Nvb24uanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
c90cba902c8334480af919bab3782813e040f24375b9d079f95bdb253ca452b6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:57:29 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14832767631916296421
accept-ranges
bytes
content-length
4450
expires
Thu, 30 Sep 2021 01:57:29 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjE4LzEwOTQ3ODUvYXlhbWUtY29zcGxheS5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjE4LzEwOTQ3ODUvYXlhbWUtY29zcGxheS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
b19ee291304641b8c6ba634ee2a097937d8e4dfe3cbf5c625fa82c56ac56b81e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:13:41 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5925527813619729020
accept-ranges
bytes
content-length
6532
expires
Wed, 29 Sep 2021 14:13:41 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1ODUvcHM1KDEpLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1ODUvcHM1KDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
16ab2b0ef702fcf0ebda607376f9d1bf01c16ed05e922526ae8ef68902259068

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 11:20:25 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2269392549435161762
accept-ranges
bytes
content-length
4283
expires
Wed, 29 Sep 2021 11:20:25 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1NjkvcmVtZWR5X2NvdmVyLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1NjkvcmVtZWR5X2NvdmVyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
6eea49df2bf15a48d708dcc8ecc0229c7ace2b757f1baf8b9a6ba5490c288b38

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 11:15:27 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3823284879127683446
accept-ranges
bytes
content-length
8185
expires
Wed, 29 Sep 2021 11:15:27 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0MTcvZ2Vuc2hpbl90aHVtbmFpbF8zLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0MTcvZ2Vuc2hpbl90aHVtbmFpbF8zLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
7094ae9018082af0d5f47028bfc1ff340cde399054f0720a6c4b119fa70afeca

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:54:22 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8811348230607698989
accept-ranges
bytes
content-length
6508
expires
Wed, 29 Sep 2021 02:54:22 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0ODkvcm92X3RodW1uYWlsMS5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0ODkvcm92X3RodW1uYWlsMS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
7b8bc42aece1fd529939627806e54eac636c07bf1ac77a02bcd42559aba9a834

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:38:00 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11785936425751038165
accept-ranges
bytes
content-length
6748
expires
Wed, 29 Sep 2021 15:38:00 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0NDEvcHNwbHVzX2NvdmVyLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0NDEvcHNwbHVzX2NvdmVyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
97085f45209a496fd7645a55059fdfcb28b8fb6d275335b3b2ace3f7ae4c845b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 09:39:09 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"PSA-qbPpt5lrHd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
89062962328856302
accept-ranges
bytes
content-length
8795
expires
Tue, 28 Sep 2021 09:39:09 GMT
0003set000_military-guy_535x5.png
s.isanook.com/ga/0/ud/214/1070265/ 		629 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/ud/214/1070265/0003set000_military-guy_535x5.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
77c4b68719f5a26bff56c04d0931fbe41b71ac43a4bae8f1c125bfbfb910a98e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 07:59:22 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 10 Aug 2020 08:30:33 GMT
server
Lego Server
age
0
etag
"5f3105a9-9d35d"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15605760822720403217
accept-ranges
bytes
content-length
643933
expires
Wed, 29 Sep 2021 07:59:22 GMT
0000set000_sf_535x533.jpg
s.isanook.com/ga/0/ud/211/1057531/ 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/ud/211/1057531/0000set000_sf_535x533.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
37fd66605d10849eadec44c2589c61a334651945df2abaa85dd43d9955a76d32

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 05:22:38 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 10 Apr 2020 07:25:38 GMT
server
Lego Server
age
0
etag
"5e901f72-2bda1"
content-type
image/jpeg
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9179390221711805942
accept-ranges
bytes
content-length
179617
expires
Tue, 28 Sep 2021 05:22:38 GMT
800x800.png
s.isanook.com/ga/0/ud/205/1029793/ 		575 KB
576 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/ud/205/1029793/800x800.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
42263e66369cdc509762b46fd294f80004cede097214c284b770341763c07398

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 03:59:42 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 08 May 2019 06:33:33 GMT
server
Lego Server
age
0
etag
"5cd2783d-8fb44"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000
x-nws-log-uuid
3828515767626344930
accept-ranges
bytes
content-length
588612
expires
Tue, 28 Sep 2021 03:59:42 GMT
pleasedontrolloff_1.jpg
s.isanook.com/ga/0/ud/204/1020641/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/ud/204/1020641/pleasedontrolloff_1.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
5c43a84d5a79b665eef85053d697dffb0ebbdacda7c3bf7b0ecdcde13146d6e4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:59:33 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 08 Nov 2018 04:05:14 GMT
server
Lego Server
age
0
etag
"5be3b5fa-210a6"
content-type
image/jpeg
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9896300630342954697
accept-ranges
bytes
content-length
135334
expires
Sun, 26 Sep 2021 12:59:33 GMT
zumbasreversi_1.jpg
s.isanook.com/ga/0/ud/204/1020633/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/ud/204/1020633/zumbasreversi_1.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
d2eb15f0f1379c3d22d015e90d1fa575462d6b385dc6be0db12dd7aa396f5f41

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 08:26:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 08 Nov 2018 04:17:02 GMT
server
Lego Server
age
0
etag
"5be3b8be-281a8"
content-type
image/jpeg
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17593766226848840143
accept-ranges
bytes
content-length
164264
expires
Wed, 29 Sep 2021 08:26:34 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1NzcvbWluZWNyYWZ0KDEpLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w375h225/ya0xa0m1w0/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w375h225/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1NzcvbWluZWNyYWZ0KDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
71aa393c3d32875d2072f63859ee09962d50ab2d7b2afa60a7e6b869badabf22

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:23:19 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12935970704853301266
accept-ranges
bytes
content-length
32978
expires
Thu, 30 Sep 2021 06:23:19 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1MTMvbWFydmVsZnV0dXJlcmV2b2x1dGlvbigxKS5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w375h225/ya0xa0m1w0/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w375h225/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1MTMvbWFydmVsZnV0dXJlcmV2b2x1dGlvbigxKS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
7636c8970de30bee306638c784834092e13180849662eff159c1e338abc828c1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 05:43:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-avUhCB0RTn"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1886454329061199009
accept-ranges
bytes
content-length
29964
expires
Thu, 30 Sep 2021 05:43:13 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2MDEvcmVzaWRlbnQtZXZpbC1kdXJpbmctdGhlLXN0b3JfMS5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ2MDEvcmVzaWRlbnQtZXZpbC1kdXJpbmctdGhlLXN0b3JfMS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e490cc088dfd48a8187f4ad854c73a8210a283b0953b033d16206519a331705f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 12:15:51 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-W6L-5q_1Tq"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12487227517311445338
accept-ranges
bytes
content-length
17735
expires
Wed, 29 Sep 2021 12:15:51 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1NDUvdW5kZWNlbWJlci0oMSkuanBn.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1NDUvdW5kZWNlbWJlci0oMSkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
382e66a75259c4eaba292747c6954260b2cdc883728e1854a3949ab79b49e0d7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 11:09:30 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"PSA-nWLZYO7XdG"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3123617406164591993
accept-ranges
bytes
content-length
16473
expires
Wed, 29 Sep 2021 11:09:30 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1MzcvZ3VuZ3JhdmUtKDEpLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1MzcvZ3VuZ3JhdmUtKDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
9e39a43bfe9e12f2ff8a278214d4c72c16f972d6c3080eee9cc01eb6b1fb1901

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 11:49:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16536524844274950432
accept-ranges
bytes
content-length
9219
expires
Wed, 29 Sep 2021 11:49:24 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1MDUvZGVhdGgtc3RyYW5kaW5nLTIoNikuanBn.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ1MDUvZGVhdGgtc3RyYW5kaW5nLTIoNikuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
2469e4381d00e9a81777063691b88155b98cfa3a1fbf2e8477e9bd243b60f6a7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 08:45:31 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10486966664897347029
accept-ranges
bytes
content-length
10591
expires
Wed, 29 Sep 2021 08:45:31 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0ODkvcm92X3RodW1uYWlsMS5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0ODkvcm92X3RodW1uYWlsMS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
fdea2bda12017447e43df9ef7b12060f3bee71b5ffdbb530644c80de25be9498

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:19:55 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13736
server
Lego Server
age
0
etag
W/"PSA-aj-Dz6j3zPaln"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591993
x-nws-log-uuid
12139245363500661302
accept-ranges
bytes
content-length
11335
expires
Wed, 29 Sep 2021 13:19:49 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0NzMvdGV0cmlzX2NvdmVyLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0NzMvdGV0cmlzX2NvdmVyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
cdf7f5d9b079628fecc5e3303c19baaf2561510bcff0cc3d195379cf696f3a22

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 07:09:02 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"PSA-IK1Hm5Un6G"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8930499862673211091
accept-ranges
bytes
content-length
8943
expires
Wed, 29 Sep 2021 07:09:02 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0MTcvZ2Vuc2hpbl90aHVtbmFpbF8zLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0MTcvZ2Vuc2hpbl90aHVtbmFpbF8zLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
066c45e1a68e732e622fd2b52e4404cb40e994495e4e7f7f2dbde18fd6f7d9f3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:30:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
12492
server
Lego Server
age
0
etag
W/"PSA-aj-lCEq2Xzm9e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2590183
x-nws-log-uuid
10248534345148320858
accept-ranges
bytes
content-length
10298
expires
Wed, 29 Sep 2021 03:00:37 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0MjUvZmYxNF9jb3Zlci5qcGc=.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0MjUvZmYxNF9jb3Zlci5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
421e3578f08c01061afc739ea1cf15ddf647a890f1975f16122034bf3e4af466

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 12:28:05 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14586303293688547086
accept-ranges
bytes
content-length
12357
expires
Tue, 28 Sep 2021 12:28:05 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0NDEvcHNwbHVzX2NvdmVyLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQ0NDEvcHNwbHVzX2NvdmVyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
7f11f9581d3ef4bc76798877a4d8023220314c45351ed1a582f3a0626135a0b3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 12:28:05 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13321152313453971628
accept-ranges
bytes
content-length
16592
expires
Tue, 28 Sep 2021 12:28:05 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzNDUvc3VtbW9uZXJzLXdhci1jaHJvbmljbGVzLSgxKS5wbmc=.png
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzNDUvc3VtbW9uZXJzLXdhci1jaHJvbmljbGVzLSgxKS5wbmc=.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
33b9cc419dd62c857550f8db512c0a5a92cb9ba44ec863fea9aca56cc3228596

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 04:47:42 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17946160539523615695
accept-ranges
bytes
content-length
95115
expires
Wed, 29 Sep 2021 04:47:42 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzNjkvZ2F0ZW9mbmlnaHRtYXJlcy0oMSkuanBn.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzNjkvZ2F0ZW9mbmlnaHRtYXJlcy0oMSkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
071f98fff473edd419315173162dd731e898925cfa6abc98b871167a24c36e62

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 17:32:57 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6145901077314604846
accept-ranges
bytes
content-length
21797
expires
Mon, 27 Sep 2021 17:32:57 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzMTMvc3BlY2lhbGZvcmNlKDEpLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzMTMvc3BlY2lhbGZvcmNlKDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
daf1ca14f92f1e1f0d2567626adc75c8c42c1fac7121baa1051ca0173ea8ee1f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:11:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2527042437156216991
accept-ranges
bytes
content-length
11252
expires
Mon, 27 Sep 2021 13:11:34 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzMDUvZ2hvc3Qtb2YtdHN1c2hpbWEoMSkuanBn.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQzMDUvZ2hvc3Qtb2YtdHN1c2hpbWEoMSkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
4dc18ad6c14207ddeb9db2e1bd9aab51195a6debb981427304a44a05571e28cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 07:57:00 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16337631081989489682
accept-ranges
bytes
content-length
13133
expires
Mon, 27 Sep 2021 07:57:00 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQyNjUvYmF0dGxlZmllbGR2KDEpLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQyNjUvYmF0dGxlZmllbGR2KDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
17420b908e18f0ad3553f39101d9e7330c9d593732eb5fed1a557f365f1a7dca

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 03:44:23 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3830087750558158387
accept-ranges
bytes
content-length
10867
expires
Mon, 27 Sep 2021 03:44:23 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQyMjUvZWZvb3RiYWxsKDEpLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQyMjUvZWZvb3RiYWxsKDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
4328776afecc1afe66cbb1982b7e0b51e7412dfa2015381278cdcdbfde7475f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:19:45 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-2H135Z01sB"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4684403142016798567
accept-ranges
bytes
content-length
8242
expires
Sun, 26 Sep 2021 12:19:45 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQyMDEvZXBpY2dhbWVzKDEpLmpwZw==.jpg
s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ga/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2dhLzAvdWQvMjIyLzExMTQyMDEvZXBpY2dhbWVzKDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
206e35109f6c8f608a2cb02c05a8845c02b77e47d94e351c159c804c473e35f4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:41:14 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17756672620278780765
accept-ranges
bytes
content-length
11088
expires
Sun, 26 Sep 2021 11:41:14 GMT
category.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		683 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/category.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e85c484f6c89adb2fa384c6a37acb03f6f9f50bd512cf2701c11922de364aef9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:04:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
699030
server
Lego Server
age
0
etag
W/"6127737d-aaa96"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18383913003830335060
accept-ranges
bytes
content-length
151316
expires
Sat, 25 Sep 2021 11:04:07 GMT
_app.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/ 		333 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
add959e269a4562dd13010ed646398d5a6156e11db1886292b5eee313b4fb373

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:06:43 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
341208
server
Lego Server
age
0
etag
W/"6127737e-534d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3972592387100854161
accept-ranges
bytes
content-length
68214
expires
Sun, 26 Sep 2021 12:06:43 GMT
webpack-bf727a6e86cd493ae7aa.js
s.isanook.com/sr/0/_next/static/runtime/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
d8405abefbd33ff333e343802dcc12751bd42a8f1b6524846420d09176d348ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:07:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:03 GMT
server
Lego Server
age
0
etag
W/"6127737f-1aa1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
391757561066175914
accept-ranges
bytes
content-length
3010
expires
Tue, 28 Sep 2021 01:07:12 GMT
framework.a8c446334694403b7af5.js
s.isanook.com/sr/0/_next/static/chunks/ 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:06:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
3597
etag
W/"6127737e-220b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18044073730645776852
accept-ranges
bytes
content-length
46310
expires
Sun, 26 Sep 2021 11:06:29 GMT
5e47f296327e8a1a9906ba09f75097b1698d8d51.6ee61761ec68b3509c52.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5e47f296327e8a1a9906ba09f75097b1698d8d51.6ee61761ec68b3509c52.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:07:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-1995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12502768709256297434
accept-ranges
bytes
content-length
2437
expires
Tue, 28 Sep 2021 01:07:12 GMT
40a6c1b6bb6a3d42f91661f0560a3fe503d632ec.3b72f283b635eb4eacd3.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/40a6c1b6bb6a3d42f91661f0560a3fe503d632ec.3b72f283b635eb4eacd3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:12:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-1def"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16330016727789479776
accept-ranges
bytes
content-length
2496
expires
Sun, 26 Sep 2021 13:12:01 GMT
5a620b34399a1c67dbc88ce988e37ec431282bc2.f848520e63915f6f252c.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5a620b34399a1c67dbc88ce988e37ec431282bc2.f848520e63915f6f252c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:17:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
"6127737e-320a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13308492796801324057
accept-ranges
bytes
content-length
4710
expires
Sun, 26 Sep 2021 13:17:49 GMT
1daddbe518133c024802cb6086a3af5f8dc433d0.b7595c8340c8fcd5e360.js
s.isanook.com/sr/0/_next/static/chunks/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1daddbe518133c024802cb6086a3af5f8dc433d0.b7595c8340c8fcd5e360.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
48628
server
Lego Server
age
0
etag
W/"6127737e-bdf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9126919375936696462
accept-ranges
bytes
content-length
17703
expires
Sat, 25 Sep 2021 11:00:53 GMT
5a06b70ae33e96b53e8232bd260bc1b13eff74ad.03303b89d1895002b2ec.js
s.isanook.com/sr/0/_next/static/chunks/ 		151 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5a06b70ae33e96b53e8232bd260bc1b13eff74ad.03303b89d1895002b2ec.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
f7499ace47711e1d551810c1f8125288e98509a74f22065442f9c901ca8b18d5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 04:39:44 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-25b1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14160488395165018555
accept-ranges
bytes
content-length
47341
expires
Thu, 30 Sep 2021 04:39:44 GMT
f984ce8743817d99155f468bc01d17674342c98a.7a1a2b2083b0c66bf6e7.js
s.isanook.com/sr/0/_next/static/chunks/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f984ce8743817d99155f468bc01d17674342c98a.7a1a2b2083b0c66bf6e7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:17:50 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
40871
server
Lego Server
age
0
etag
W/"6127737e-9fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
201269366362777449
accept-ranges
bytes
content-length
14049
expires
Sun, 26 Sep 2021 13:17:50 GMT
ae84cd41c73f67182b5244d1f0779236d441a25d.80991efe8bb1a9543cba.js
s.isanook.com/sr/0/_next/static/chunks/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ae84cd41c73f67182b5244d1f0779236d441a25d.80991efe8bb1a9543cba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
635664c62c16fe2ab1476757c43e3018ca1a14e8f83dbad2ca843c08a0ec8898

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 14:41:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-9d9c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
5620421100131139143
accept-ranges
bytes
content-length
12382
expires
Sun, 26 Sep 2021 14:41:57 GMT
f4870a16efa30f974ce772dc1cfd77d71e6f712b.313df431fe256f08a617.js
s.isanook.com/sr/0/_next/static/chunks/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f4870a16efa30f974ce772dc1cfd77d71e6f712b.313df431fe256f08a617.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
fc5d359705d84854b9d91a3e590b31e8202b5930684d90cf46316c996055c947

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 09:45:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
63750
server
Lego Server
age
6512
etag
W/"6127737e-f906"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12943542460241272187
accept-ranges
bytes
content-length
18959
expires
Sun, 26 Sep 2021 09:45:52 GMT
4a63ff3961ef6ae7bf4751d874a3909b599c6c33.f2ede5c6c7d27e1d37cf.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4a63ff3961ef6ae7bf4751d874a3909b599c6c33.f2ede5c6c7d27e1d37cf.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
7c97733cfcb2cf9c407d64412fa84f3204bd2f7148b0c9dac79153e00e0d808f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:12:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-49e1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17473457220645562732
accept-ranges
bytes
content-length
5941
expires
Sun, 26 Sep 2021 13:12:02 GMT
abfcd4e2fbe88066bb74ae719336e4784bea213f.06b2d8d4bdefedc62910.js
s.isanook.com/sr/0/_next/static/chunks/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/abfcd4e2fbe88066bb74ae719336e4784bea213f.06b2d8d4bdefedc62910.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
556b54759c6cef79505607ce76cb1b45c1ea663582f337599d7c602b46e70a0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:17:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
"6127737e-4cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10834366493143355029
accept-ranges
bytes
content-length
6662
expires
Sun, 26 Sep 2021 13:17:52 GMT
5f9919215684809646a61de8f847b80ea40bf13f.25b32f2bf3ce9d3af029.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5f9919215684809646a61de8f847b80ea40bf13f.25b32f2bf3ce9d3af029.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 22:40:45 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
"6127737e-2e11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
367907863309280762
accept-ranges
bytes
content-length
3367
expires
Mon, 27 Sep 2021 22:40:45 GMT
296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
s.isanook.com/sr/0/_next/static/chunks/ 		281 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
7039a31cabdf37972bc95cdd885b69560a1a9353d063d1372d7c8407e846452d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:12:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-463f8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8861996794678077128
accept-ranges
bytes
content-length
51615
expires
Sun, 26 Sep 2021 13:12:01 GMT
059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e9a7f88990e25e0fd3d4cc931050b9e17f4ac792808d3fcb35babb4a41a9275d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
17987
server
Lego Server
age
0
etag
W/"6127737e-4643"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1288873513026934583
accept-ranges
bytes
content-length
5387
expires
Sat, 25 Sep 2021 11:00:53 GMT
styles.e56987f829e6da55bdfa.js
s.isanook.com/sr/0/_next/static/chunks/ 		107 B
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/styles.e56987f829e6da55bdfa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:52:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
"6127737e-6b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18338545728585744734
accept-ranges
bytes
content-length
107
expires
Mon, 27 Sep 2021 13:52:36 GMT
main-c4548a6c5259798ceb68.js
s.isanook.com/sr/0/_next/static/runtime/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
70c43dce4a0660213c91932e6b1b2c2a4370402bdbf51206a877d0b8d92312e2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 10:00:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13391
server
Lego Server
age
0
etag
W/"6127737f-344f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18417513413167753855
accept-ranges
bytes
content-length
4923
expires
Mon, 27 Sep 2021 10:00:52 GMT
dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
s.isanook.com/sr/0/_next/static/chunks/ 		251 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
a4dd6d1a338ee6666d4479f8a436bca06fb273c809c21e94f1da92cc0ca4ce06

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
256628
server
Lego Server
age
0
etag
W/"6127737e-3ea74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16382760032024872230
accept-ranges
bytes
content-length
19861
expires
Sat, 25 Sep 2021 11:00:53 GMT
ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 15:41:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18354
server
Lego Server
age
0
etag
W/"6127737e-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3338345054447403792
accept-ranges
bytes
content-length
5292
expires
Mon, 27 Sep 2021 15:41:48 GMT
fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
180425af28d98940d88774e896fe688dcb33b41df94ac547989b4d41d6925f5c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 08:03:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13459
server
Lego Server
age
47641
etag
W/"6127737e-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
190173475750786733
accept-ranges
bytes
content-length
4584
expires
Sun, 26 Sep 2021 08:03:14 GMT
36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11819
server
Lego Server
age
0
etag
W/"6127737e-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1939656330402794881
accept-ranges
bytes
content-length
3870
expires
Sat, 25 Sep 2021 11:00:53 GMT
8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
s.isanook.com/sr/0/_next/static/chunks/ 		205 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
c09778e8a6f52094885727d8c19f5ebad50b297fe9bc09431f2b04505b6c47b3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
210380
server
Lego Server
age
161185
etag
W/"6127737e-335cc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16838872898709938059
accept-ranges
bytes
content-length
44835
expires
Tue, 28 Sep 2021 08:06:35 GMT
0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
ab7a9e1dd7e6c7d5e3fa41ef5ff9c1fd12e0067c2b2875e6eb79a7bc6433658b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 18:09:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-4114"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5843152519057059661
accept-ranges
bytes
content-length
4035
expires
Sun, 26 Sep 2021 18:09:07 GMT
e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
34596
server
Lego Server
age
0
etag
W/"6127737e-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5623263913513023815
accept-ranges
bytes
content-length
8098
expires
Sat, 25 Sep 2021 11:00:53 GMT
ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
5823
server
Lego Server
age
335
etag
W/"6127737e-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17776286750395683479
accept-ranges
bytes
content-length
2659
expires
Sat, 25 Sep 2021 11:00:53 GMT
62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 21:12:55 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16484224362110696840
accept-ranges
bytes
content-length
5336
expires
Sun, 26 Sep 2021 21:12:55 GMT
13a412d4f6bd19a220ad2c4dc17e4a3895606f9f.9198c675175b2807bbec.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/13a412d4f6bd19a220ad2c4dc17e4a3895606f9f.9198c675175b2807bbec.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
2c5306a77509c297d3639e90a840f4fa8cb467c628aed90870545690a2cd081d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:09:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13172
server
Lego Server
age
328
etag
W/"6127737e-3374"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9473628440104447118
accept-ranges
bytes
content-length
3217
expires
Sat, 25 Sep 2021 11:04:07 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
0464387ee82b37e9d2fe2be926c1e42e5a05acf1bf319cbed950509071f16e8f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 23:39:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"6127737d-1ac4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4739131925447863508
accept-ranges
bytes
content-length
1921
expires
Mon, 27 Sep 2021 23:39:29 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 17 May 2017 08:37:40 GMT
server
Lego Server
etag
"591c0bd4-219"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2107040765877248162
accept-ranges
bytes
content-length
363
db04b7e80825ebbe7211052ca9638d056f74acc8-1.10.0.js
s.isanook.com/sr/0/js/izooto/ 		173 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.10.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
f76ba127a1d68a303774ec473e346f2c66b932b3c884f403e784658ed9f4978b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:22:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:17 GMT
server
Lego Server
age
0
etag
W/"6127738d-2b236"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13414605141262113738
accept-ranges
bytes
content-length
45991
expires
Sun, 26 Sep 2021 12:22:54 GMT
gtm.js
www.googletagmanager.com/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2e3f3990f44cffc382e9a8e8131a77163c2dff6c355d96bd482c7697dcfcbb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47316
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Aug 2021 07:28:45 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
9b1871a52c377b6ff44b2c86e0e0a7620654212ee38f10bbd1364b80a7ed34b7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:45 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
Last-Modified
Thu, 26 Aug 2021 07:02:00 GMT
Server
NWS_Oversea_AP
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
max-age=604800
X-Daa-Tunnel
hop_count=1
X-NWS-LOG-UUID
1ea95245-6dde-4533-8b50-546ddd598262
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2944
Expires
Tue, 07 Sep 2021 07:28:44 GMT
a102.js
sal.isanook.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:46 GMT
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24035
Expires
Thu, 30 Sep 2021 07:28:46 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25996
x-xss-protection
0
pragma
public
x-fb-debug
DN4KtHM6c0ik9UmHeK2Z2U1Jv2/KBQ7FUBMcEjZWvgPOILM6JPEibuddLNlDwWbvVgC01eDFrYMCDdSdQHexVw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 31 Aug 2021 07:28:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook.svg
s.isanook.com/sr/0/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:48:42 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:17 GMT
server
Lego Server
age
0
etag
W/"6127738d-1633"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14878530370657397772
accept-ranges
bytes
content-length
5683
expires
Tue, 28 Sep 2021 01:48:42 GMT
wetv-g.svg
s.isanook.com/sr/0/images/homewetv/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:06:44 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
5770
etag
W/"61277384-113a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
2209734006350929183
accept-ranges
bytes
content-length
4410
expires
Sun, 26 Sep 2021 12:06:44 GMT
tag-new.svg
s.isanook.com/sr/0/images/game/ 		883 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/game/tag-new.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
2901c0b5e928bee80cf26f45344fb8a07d09a8cda1c1cb3c3b76a21740fc6673

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:48:10 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
0
etag
"61277384-373"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
2476381206423636858
accept-ranges
bytes
content-length
883
expires
Sun, 26 Sep 2021 12:48:10 GMT
base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 08:49:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:05 GMT
server
Lego Server
age
0
etag
"61277381-886c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1088678199968871936
accept-ranges
bytes
content-length
34924
expires
Wed, 29 Sep 2021 08:49:24 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 03:43:56 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:05 GMT
server
Lego Server
age
0
etag
"61277381-7a90"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
10231085848947703495
accept-ranges
bytes
content-length
31376
expires
Tue, 28 Sep 2021 03:43:56 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:41:39 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:05 GMT
server
Lego Server
age
13916
etag
"61277381-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14034606732183300275
accept-ranges
bytes
content-length
32244
expires
Wed, 29 Sep 2021 03:41:39 GMT
1489944661112333
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8c555832866fc44c6671f90cf1b7789d180cece706459e225fd64036124ebe1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
23NIpDbnA0mWwcrEcpX3MZQWAEn8cLmGw143Gu+XEfauD5ODbE2XnTN2ycTyHqB2uLDBpo8oToORw1/SPgK9iA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 31 Aug 2021 07:28:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
86128b9ba700cc30d262ef818d0b1abbf894cac03dc67b1cd5b191363ba9c265

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 04:49:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a0a4a-1d8e4b-5ca833535cea3"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=129290
accept-ranges
bytes
content-type
text/javascript
content-length
217378
expires
Wed, 01 Sep 2021 19:23:35 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6e5d9c71c6bf3188a3d664bef49445399a0153d890c9d71c3b3e38cf2bd650c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51749
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:45 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6986
date
Tue, 31 Aug 2021 05:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 31 Aug 2021 07:32:19 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
02729899e910c0a0a5fe129ddf1906312da5be7e415b1b2272d216385759b0a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14057
x-xss-protection
0
server
cafe
etag
2037397246640056080
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Aug 2021 07:28:45 GMT
js
www.google-analytics.com/gtm/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=1403641444.1630394925
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62618b3f5ed4533dff39f5a8bbcaace4f9efc311b058c2a49e082ed8235576d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40533
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:45 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=2oe8p0&_p=1154431772&sr=1600x1200&ul=en-us&cid=1403641444.1630394925&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&dt=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&sid=1630394925&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1630394925466&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&auid=2065361516.1630394925&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
80f862ec4c4b986aee2340a416952f9747cdc6d245e6694e1a015ccdc337ac31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1251
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/1007499765/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/privacysandbox/conversion/1007499765/?random=1630394925466&cv=9&fst=1630394925466&num=1&fmt=3&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&auid=2065361516.1630394925&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1630394925473&cv=9&fst=1630394925473&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
937aa5159a245454c7273d8922ca7689c6f083721c2db0a98a7d033efb534eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1051
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1154431772&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&ul=en-us&de=UTF-8&dt=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=784783882&gjid=779757122&cid=1403641444.1630394925&tid=UA-8147095-6&_gid=420394952.1630394925&_r=1&gtm=2wg8u0PNXLXRS&cd4=0&cd12=1630394925478.lstj6n2r&cd22=game&cd23=indexpage&z=1536314896
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1630394925473&cv=9&fst=1630393200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&async=1&fmt=3&is_vtc=1&random=4164614296&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1630394925473&cv=9&fst=1630393200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&async=1&fmt=3&is_vtc=1&random=4164614296&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
goggen.php
lvs2.truehits.in.th/ 		91 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=RVcOPx1%2bs4uCUeHU8%2bSudQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=937DCB60.1&fp=d&fv=-&truehitspage=sanook.game.index&truehitsurl=https%3a//www.sanook.com/game/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:45 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
no-cache
X-Daa-Tunnel
hop_count=2
X-NWS-LOG-UUID
1aef5218-0a3b-42f7-892c-8c0925aab885
Connection
keep-alive
Content-Type
image/jpeg
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-8147095-6&cid=1403641444.1630394925&jid=784783882&gjid=779757122&_gid=420394952.1630394925&_u=aGDAAEACQAAAAC~&z=71353098
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 31 Aug 2021 07:28:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&auid=2065361516.1630394925&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LdotYebRHtqEgAfnzY7oAw&cid=CAQSKQCNIrLMhYx5niV-7qE2auLnukYpmXPg4FbI2g5c52M2xiV9XwiqFepz&eitems=ChAI8Ka3iQYQ-JiYhYKX484xEh0A7I6xo9gDJIKBJR0rEfkQgRw22Lk3DMT-0m1eGg&random=3473885834&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=1039236082&cv=9&fst=1630394925466&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tiba=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7&auid=2065361516.1630394925&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LdotYebRHtqEgAfnzY7oAw&cid=CAQSKQCNIrLMhYx5niV-7qE2auLnukYpmXPg4FbI2g5c52M2xiV9XwiqFepz&eitems=ChAI8Ka3iQYQ-JiYhYKX484xEh0A7I6xo9gDJIKBJR0rEfkQgRw22Lk3DMT-0m1eGg&random=3473885834&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8147095-6&cid=1403641444.1630394925&jid=784783882&_u=aGDAAEACQAAAAC~&z=1913852335
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8147095-6&cid=1403641444.1630394925&jid=784783882&_u=aGDAAEACQAAAAC~&z=1913852335
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&rl=&if=false&ts=1630394925572&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630394925571.1354007602&it=1630394925389&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 31 Aug 2021 07:28:45 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sanook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1421
date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=OnSZInx3VElMbFVrb3BveVo4L2orNXFRV01xYlNDYmZFUzVYREpPNFBMZ0RVSkZFOUtmaHh3STE4aGFtcTdRRkFvS1ZycW1sL3ArbHBLL0dzN2xML3M1UmNGVGJnTnpaK1NTdnJ0clFQMXlNZTMzWXlzZEFNOHM2aC9yM2...
353 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OnSZInx3VElMbFVrb3BveVo4L2orNXFRV01xYlNDYmZFUzVYREpPNFBMZ0RVSkZFOUtmaHh3STE4aGFtcTdRRkFvS1ZycW1sL3ArbHBLL0dzN2xML3M1UmNGVGJnTnpaK1NTdnJ0clFQMXlNZTMzWXlzZEFNOHM2aC9yM25OQlpkRkFtTC9DWXNhNzZ3dUhTbXZpY05MRS9adlFDYXZtbzQ5V1J5VGRLcUNlZ0dUTkVQYmlIMjkzaFFhZ0dPd1VlVFlRZGxsMjFUdWVKdzF0c2FxNmVKeUVQMVhsQnVNcGZaajIrQUlYU09oMGxyekh3PXw&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
307bcec99391e8ae011980d1ebc3a2d1063ff7bf10c348617fad971a3c40c164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 07:28:45 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2591
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 31 Aug 2021 07:28:45 GMT
location
https://mug.criteo.com/sid?cpp=OnSZInx3VElMbFVrb3BveVo4L2orNXFRV01xYlNDYmZFUzVYREpPNFBMZ0RVSkZFOUtmaHh3STE4aGFtcTdRRkFvS1ZycW1sL3ArbHBLL0dzN2xML3M1UmNGVGJnTnpaK1NTdnJ0clFQMXlNZTMzWXlzZEFNOHM2aC9yM25OQlpkRkFtTC9DWXNhNzZ3dUhTbXZpY05MRS9adlFDYXZtbzQ5V1J5VGRLcUNlZ0dUTkVQYmlIMjkzaFFhZ0dPd1VlVFlRZGxsMjFUdWVKdzF0c2FxNmVKeUVQMVhsQnVNcGZaajIrQUlYU09oMGxyekh3PXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1848
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e37935d70a2254d7f33b54cbe97195869f47b20840809b2674c2ff0909da75e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 49 of 1000 / last-modified: 1630361685"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25229
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:45 GMT
pubads_impl_2021082301.js
securepubads.g.doubleclick.net/gpt/ 		331 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8d37f23647537d48ee4f0c05b8acdf093cb828fe3c5703653aedfdd5f88cde2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118555
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		561 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4b9e2d9cb3a553b04a4f89fa2b40485c31e04dcc0516589f7c1fb9f87a3435c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
209
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:45 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OnSZInx3VElMbFVrb3BveVo4L2orNXFRV01xYlNDYmZFUzVYREpPNFBMZ0RVSkZFOUtmaHh3STE4aGFtcTdRRkFvS1ZycW1sL3ArbHBLL0dzN2xML3M1UmNGVGJnTnpaK1NTdnJ0clFQMXlNZTMzWXlzZEFNOHM2aC9yM25OQlpkRkFtTC9DWXNhNzZ3dUhTbXZpY05MRS9adlFDYXZtbzQ5V1J5VGRLcUNlZ0dUTkVQYmlIMjkzaFFhZ0dPd1VlVFlRZGxsMjFUdWVKdzF0c2FxNmVKeUVQMVhsQnVNcGZaajIrQUlYU09oMGxyekh3PXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1172
date
Tue, 31 Aug 2021 07:28:45 GMT
content-encoding
gzip
vary
Accept-Encoding
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryb6Wl2QRnqXVXXcyR

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 31 Aug 2021 07:28:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-85.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 30 Aug 2021 13:22:42 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
65164
etag
W/"1827f116c73f319409b97f10b8a58ade"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
AdNCPDoQSAVSUJt0G-BOBA94h9IX8Fi6fYETrzDMbSfe1G6F3jLMTw==
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.102.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-102-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=769831
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3217
Expires
Thu, 09 Sep 2021 05:19:17 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1630394926485&ns_c=UTF-8&cv=3.5&c8=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630394926485&ns_c=UTF-8&cv=3.5&c8=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630394926485&ns_c=UTF-8&cv=3.5&c8=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&c7=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-85.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
mkq81Pgo6e1VjvLA0euYgBFERRzsQlaNtzw-Bk_7V3ZaHaOqHwmRhA==

Redirect headers

date
Tue, 31 Aug 2021 07:28:46 GMT
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630394926485&ns_c=UTF-8&cv=3.5&c8=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&c7=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&c9=
content-length
513
x-amz-cf-id
PDNc7yxT0ItGfHGQeB3pmW7hhf0O91G9QKmb6Z2CUi_DcqN5NviHrA==
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.102.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-102-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 01:29:24 GMT
Server
nginx/1.18.0
ETag
"5fa203f4-51a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=766326
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Thu, 09 Sep 2021 04:20:52 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.102.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-102-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2332584
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2870
Expires
Mon, 27 Sep 2021 07:25:10 GMT
123e19f2.8e7e22347c3c27645b2d.js
s.isanook.com/sr/0/_next/static/chunks/ 		376 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:21:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
17868
etag
W/"6127737e-5e0f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2731961499175884403
accept-ranges
bytes
content-length
108222
expires
Wed, 29 Sep 2021 02:21:31 GMT
a7e7d9dd.55546d0227557c116e7d.js
s.isanook.com/sr/0/_next/static/chunks/ 		276 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.55546d0227557c116e7d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:49:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-451df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12440613242970141784
accept-ranges
bytes
content-length
65813
expires
Mon, 27 Sep 2021 13:49:37 GMT
JooxPlayer.562c6a7a7301e93ec96a.js
s.isanook.com/sr/0/_next/static/chunks/ 		259 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.562c6a7a7301e93ec96a.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
5a44bb0da76356746f2a4720dbdcb4c385e865b5a009f76fb252960532ccad17

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:00:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-40bc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15878027348935170415
accept-ranges
bytes
content-length
87444
expires
Mon, 27 Sep 2021 08:00:40 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame CFA6 		236 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method
GET
:authority
p3.isanook.com
:scheme
https
:path
/jo/0/mu/evt/_cross_storage/ex/hub.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Tue, 31 Aug 2021 07:21:58 GMT
x-page-speed
1.13.35.2-0
age
408
accept-ranges
bytes
content-encoding
gzip
cache-control
no-cache, max-age=0
content-length
192
x-nws-log-uuid
2118770038131142468
server
Lego Server
x-cache-lookup
Cache Miss
/
api.u1sf.com/geoip2/code/ 		160 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.u1sf.com/geoip2/code/?callback=jsonp_1630394926879_19627
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.5 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
5.134.151.203.sta.inet.co.th
Software
/
Resource Hash
245bdaa482e105217dbc2119af1ada35e517bccf8ebfcc1f3794aa88f9a2cad3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
public
Date
Tue, 31 Aug 2021 07:28:48 GMT
Age
0
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=900, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
160
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.json
s.isanook.com/sh/0/ad/ 		142 B
355 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/ads.json?v=13586624
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:07:14 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 02 Nov 2020 03:55:07 GMT
server
Lego Server
age
0
etag
"5f9f831b-8e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10119562169129639185
accept-ranges
bytes
content-length
142
expires
Thu, 30 Sep 2021 07:07:14 GMT
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=74318447327
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ico-policy-2.svg
s.isanook.com/sr/0/images/icon/ 		994 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-policy-2.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:42:52 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
0
etag
"61277384-3e2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
11575994537773269638
accept-ranges
bytes
content-length
994
expires
Sun, 26 Sep 2021 13:42:52 GMT
/
graph.sanook.com/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getCategoryHilightEntries&variables=%7B%22channels%22%3A%5B%22game%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22orderBy%22%3A%7B%22field%22%3A%22STICKY%22%2C%22direction%22%3A%22DESC%22%7D%2C%22first%22%3A7%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22game%22%2C%22ids%22%3A%5B6049%5D%7D%5D%2C%22categorySlugs%22%3A%5B%5D%2C%22notInCategoryIds%22%3A%5B%7B%22channel%22%3A%22game%22%2C%22ids%22%3A%5B6217%2C6473%2C6097%2C6057%2C6065%2C6073%2C6081%2C6089%2C6105%2C6113%2C6121%2C6129%2C21%2C22%2C23%2C24%5D%7D%5D%2C%22oppaChannel%22%3A%22game%22%2C%22oppaCategorySlugs%22%3A%5B%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%222a5d70f13acdb1804f5e544dcb35d0cc0c350738%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
ca2394bf101d854bc77970200b67c017f4e05d4949bbf806b4a509e36a4f8c69
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 31 Aug 2021 07:28:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getCategoryHilightEntries&variables=%7B%22channels%22%3A%5B%22game%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22orderBy%22%3A%7B%22field%22%3A%22STICKY%22%2C%22direction%22%3A%22DESC%22%7D%2C%22first%22%3A7%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22game%22%2C%22ids%22%3A%5B6049%5D%7D%5D%2C%22categorySlugs%22%3A%5B%5D%2C%22notInCategoryIds%22%3A%5B%7B%22channel%22%3A%22game%22%2C%22ids%22%3A%5B6217%2C6473%2C6097%2C6057%2C6065%2C6073%2C6081%2C6089%2C6105%2C6113%2C6121%2C6129%2C21%2C22%2C23%2C24%5D%7D%5D%2C%22oppaChannel%22%3A%22game%22%2C%22oppaCategorySlugs%22%3A%5B%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%222a5d70f13acdb1804f5e544dcb35d0cc0c350738%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 31 Aug 2021 07:28:48 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=33546395144
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		138 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
10a205fc2cc3517404f43d3bde877484d39d933452cbb8307d84f2a690a48600
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c8a45288-4eb4-493e-a892-81d5c7338ec9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 07:28:47 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		388 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=57&alt_size_ids=221&rf=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tg_i.dfp_ad_unit_code=4899711%2Fgame.sanook%2Fdesktop%2Fall%2Findexpage%2Fbillboard&tg_i.pbadslot=4899711%2Fgame.sanook%2Fdesktop%2Fall%2Findexpage%2Fbillboard&tk_flint=pbjs_lite_v4.33.0&x_source.tid=e6453afb-48dd-40e3-bac4-8006135c5973&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1672706531244792
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1c953111e5f3c41e7146657e60741aba6824e5fed81633fa538273ea08978dfb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
388
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		25 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221555b952fde451f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fgame%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22167afc7759fc479%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217caa171cbc887a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221821bcb323c3db5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22198685d4db30c76%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4cd46d6d58a9c59805394080824f2af203edf507550c43ca550c03fe2ec160b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.86], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 07:28:47 GMT
hb
rtb-eu.andbeyond.media/ 		32 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
arj
tencentth-d.openx.net/w/1.0/ 		173 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e6453afb-48dd-40e3-bac4-8006135c5973&nocache=1630394927246&aus=1130x250%2C1090x250%2C970x250%2C1x1&divIds=rgpt-billboard-3&auid=542511408
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
1b11dad4e190b9d91e1dce97d4cf40e7417c6c2875c29fa5b611fa9e25d4fde5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 26 Aug 2022 07:28:47 GMT
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 26 Aug 2022 07:28:47 GMT
entry.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/entry.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:13:34 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
59071
server
Lego Server
age
568
etag
W/"6127737d-e6bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1064690948844568917
accept-ranges
bytes
content-length
12437
expires
Sat, 25 Sep 2021 11:00:55 GMT
dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
256628
server
Lego Server
age
0
etag
W/"6127737e-3ea74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12010552316650001763
accept-ranges
bytes
content-length
19861
expires
Sat, 25 Sep 2021 11:00:53 GMT
ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 15:41:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
18354
server
Lego Server
age
0
etag
W/"6127737e-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11976477896616352534
accept-ranges
bytes
content-length
5292
expires
Mon, 27 Sep 2021 15:41:48 GMT
fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 08:03:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13459
server
Lego Server
age
47641
etag
W/"6127737e-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1354815016688990488
accept-ranges
bytes
content-length
4584
expires
Sun, 26 Sep 2021 08:03:14 GMT
36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11819
server
Lego Server
age
0
etag
W/"6127737e-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6416763922407041899
accept-ranges
bytes
content-length
3870
expires
Sat, 25 Sep 2021 11:00:53 GMT
8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
44 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 08:06:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
210380
server
Lego Server
age
161185
etag
W/"6127737e-335cc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
18074775487501472133
accept-ranges
bytes
content-length
44835
expires
Tue, 28 Sep 2021 08:06:35 GMT
0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 18:09:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-4114"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2133969913524607059
accept-ranges
bytes
content-length
4035
expires
Sun, 26 Sep 2021 18:09:07 GMT
ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
5823
server
Lego Server
age
335
etag
W/"6127737e-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6858785392265214586
accept-ranges
bytes
content-length
2659
expires
Sat, 25 Sep 2021 11:00:53 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		479 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=477062591678860&correlator=2598543170223770&output=ldjh&impl=fif&eid=31062297&vrg=2021082301&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cgame.sanook%2Cdesktop%2Call%2Cindexpage%2Cnative&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=257x240&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630394927&dt=1630394927329&dlt=1630394924390&idt=1434&frm=20&biw=1600&bih=1200&oid=3&adxs=1088&adys=2174&adks=1601971357&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=257x0&msz=257x0&ga_vid=1403641444.1630394925&ga_sid=1630394927&ga_hid=1154431772&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
eb162b137d8badb83335f9190480be37b0db679164cd87b6ca89ea38c4edaf06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B83 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 07:28:47 GMT
expires
Wed, 31 Aug 2022 07:28:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=123688522&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&dp=%2Fgame%2F&ul=en-us&de=UTF-8&dt=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=838284366.1630394927&tid=SA-8147095-6&cd4=0&cd8=b&z=1947854363
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 07:28:47 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&rf=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&tg_i.dfp_ad_unit_code=4899711%2Fgame.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tg_i.pbadslot=4899711%2Fgame.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v4.33.0&x_source.tid=888508a6-504b-42fd-8033-1601c050635c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2582030799702488
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a7022d5aa51d9fc1d053f4c4bb63dd1a620440cd385bb5b15831c884d7cfb7cf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
378
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
tencentth-d.openx.net/w/1.0/ 		173 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=888508a6-504b-42fd-8033-1601c050635c&nocache=1630394927356&aus=300x250%2C257x240%2C300x125&divIds=rgpt-reca-5&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
81cf5f8d96808385b5f59e64afefec2c4851f1a15d4a0cc3f2df74a03e4f2bfb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
517630dc375658566bf734be65822f89d54b3c531bc62b2dac8f4177c38a4417
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ae683332-cb32-4569-8804-662b327a5e87
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223291468389cc16f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fgame%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2233fe68de352e8e4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22342194b89d75a51%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235ea3b5c6b8eaa6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2dd917b13eae2629059c6eb1930546cdfb38ed46b0226db55e0503c4a472ae80

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.86], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 07:28:47 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 07:28:46 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=477062591678860&correlator=2516487302567539&output=ldjh&impl=fif&eid=31062297&vrg=2021082301&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cgame.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630394927&dt=1630394927418&dlt=1630394924390&idt=1434&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=551847161&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1403641444.1630394925&ga_sid=1630394927&ga_hid=1154431772&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
077b53e487a4b84dd831886b28850a97e43e90d7fcd08e252997a8a74326c42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7957
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336206208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 013B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45088
expires
Tue, 31 Aug 2021 20:00:15 GMT
date
Tue, 31 Aug 2021 07:28:47 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 32D0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45088
expires
Tue, 31 Aug 2021 20:00:15 GMT
date
Tue, 31 Aug 2021 07:28:47 GMT
vary
Accept-Encoding
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
a696a42b00ab5e2d245a8b742f925469fbb99bd278d6faaec6b8c443862dd19c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 07:28:48 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
d2aa4040-27c6-4811-a69b-c9b41f284a29
https://www.sanook.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/d2aa4040-27c6-4811-a69b-c9b41f284a29
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame E576 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyf8eNWFSVe9kqsnmFPOgkeRg3zH-km0kaEdfk_HRNvVSAJfO0T7Fzj73YFNU1JVwUVcsFOFzxQ40UsqKEnA8Xv4xOu7gYWBkvh7d9A_4GJmQYMjvgLLUUZVry7NFkvVaqxCkYukg-UFdv59-tK9aBH5gcwXIus3azyb5Wok8d9Bi-hNfKdE_CkCesM-T91i_cX0mFHqNI0pQs0squcUpG-ntRkBIozsuKkDKfSXtrUNf0hxVqrp_NmUGy1McZwlQfo70TfBAFPLVrNiRlINcxjv35tPoz7w5HOsfbTDoymWUPU5zmmhPY-q83SIq9tY1wBuigxK2asbinacZ3zYk_iINwJw&sai=AMfl-YSAg2zMahHkjN8LYlI3LSoKUEkAdVm2_83s59n_DPiFYljSnTx2qyqdkaTElwvImx64Oq6bLdMU2RarlC3wOCSPA_4G4qy66vHG56aNZQYxY8ccF1vhaQGSggzqZYU&sig=Cg0ArKJSzDTIzrLdITW2EAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 07:28:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E576 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b5f7dbf1bc4360e0d5f4224b4e1cd97cfd81ce434c2a6edf565fd54b81666d09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 620 of 1000 / last-modified: 1630361685"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25232
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E576 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:47 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:47 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=477062591678860&correlator=637643209527287&output=ldjh&impl=fif&eid=31062297&vrg=2021082301&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cgame.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250%7C1x1&prev_scp=category%3Dall&eri=1&cookie=ID%3D12fa8dc2a9593f16-22f4d2d3e4c800b9%3AT%3D1630394927%3AS%3DALNI_MZyUmaiJACCcvpYHczLqQ-V5N9BAQ&bc=31&abxe=1&lmt=1630394927&dt=1630394927559&dlt=1630394924390&idt=1434&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=75&adks=762236202&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1090x-1&msz=1090x-1&psts=AGkb-H8Q9AkvyRHWniTO8UdAtYgHCN4PsVxC0Jm3RqDqBDCk8plyIzhxZUsZf2Bv6ne_U79Gl4ePOfr7UPmjLm77xoJHc3xOf4thJ_dSVT6ugXToTV8MZlbJQQ8&ga_vid=1403641444.1630394925&ga_sid=1630394927&ga_hid=1154431772&ga_fc=false&fws=4&ohw=1090&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
82861623b804e5525ade1f1d4ee7cb5ebd9f7973535fed6adfae9176610bbf57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8758
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame CFA6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.90.96 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
13074009058367796946
accept-ranges
bytes
content-length
2483
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=477062591678860&correlator=2496439454553464&output=ldjh&impl=fif&eid=31062297&vrg=2021082301&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cgame.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&prev_scp=category%3Dall&eri=1&cookie=ID%3D12fa8dc2a9593f16-22f4d2d3e4c800b9%3AT%3D1630394927%3AS%3DALNI_MZyUmaiJACCcvpYHczLqQ-V5N9BAQ&bc=31&abxe=1&lmt=1630394927&dt=1630394927613&dlt=1630394924390&idt=1434&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=957&adks=568265319&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H8Q9AkvyRHWniTO8UdAtYgHCN4PsVxC0Jm3RqDqBDCk8plyIzhxZUsZf2Bv6ne_U79Gl4ePOfr7UPmjLm77xoJHc3xOf4thJ_dSVT6ugXToTV8MZlbJQQ8&ga_vid=1403641444.1630394925&ga_sid=1630394927&ga_hid=1154431772&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b5a3d85efdc1b91016a2e458e250f91ec572ccda9361ed1e71f23e616cb2e807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15944
x-xss-protection
0
google-lineitem-id
4408392417
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307776629
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame 5FAD 		668 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
cbe6cb22ca5d0631e91c106e88e42d207ffdf7d4eb64949abe9a602a9e1e11df

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7f349465-7bbd-023a-0557-41739343c62f|1630394927
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7f349465-7bbd-023a-0557-41739343c62f|1630394927; Version=1; Expires=Wed, 31-Aug-2022 07:28:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630394927|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 07:28:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 07:28:47 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
async_usersync.html
acdn.adnxs.com/dmp/ Frame AEFA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 01 Sep 2021 07:28:49 GMT
Date
Tue, 31 Aug 2021 07:28:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame AE38 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 07:28:47 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8550 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 01 Sep 2021 07:28:49 GMT
Date
Tue, 31 Aug 2021 07:28:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 39F0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 07:28:47 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 4753 		668 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
cbe6cb22ca5d0631e91c106e88e42d207ffdf7d4eb64949abe9a602a9e1e11df

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7f349465-7bbd-023a-0557-41739343c62f|1630394927
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7f349465-7bbd-023a-0557-41739343c62f|1630394927; Version=1; Expires=Wed, 31-Aug-2022 07:28:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630394927|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 07:28:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 07:28:47 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.html
eus.rubiconproject.com/ Frame D755 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tkSNRUZWfPwl1qID5NW/kQ6qTCqCJieGkTxzCtT3GWjvGeUmnD2WgFA74oVwAuQdcukVzVZaRFRhKpwX7VvQxPcX9; ses57=; vis57=385176^1; khaos=KSZR1LDG-1Z-1B0F; ses15=; vis15=385176^1; audit=1|hLZGFuTafB1kArltbSECmNQ7TXX4J0ie7TI8f3IMDXf+VsFAZhaKLFnZjrHq0R7Zcpj76PKZXj/hk5WIOeCMzHFfTQMKoUsP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Aug 2021 07:28:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
617.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p13.id5-sync.com
Software
/
Resource Hash
ab01a79e8d87fea2b17b888407840330eb3f7e8c9b1d330f24dc36d0c1c18853
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Tue, 31 Aug 2021 07:28:46 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		154 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
19b04e0c61404ccd5b79be211d2724e2e2c0a331bcf8fc2ca1a5fd035020a1eb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.12.238
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ 		109 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
9c6e5ce950b94fc4b2672a86abf5596102048148a4643d85b496f2edfe5f2b9b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 30 Sep 2021 07:28:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 013B 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9089514&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4fd1cddb2cfd5aac7b96e4e4ff67c4e8d69be9ead06c2baf985ec6c01f8b20de

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:46 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubads_impl_2021082301.js
securepubads.g.doubleclick.net/gpt/ Frame E576 		331 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8d37f23647537d48ee4f0c05b8acdf093cb828fe3c5703653aedfdd5f88cde2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118555
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:47 GMT
match
c1.adform.net/serving/cookie/ Frame 1DC0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 07:28:47 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1228675886115935960; expires=Sat, 30 Oct 2021 07:28:47 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 31 Aug 2021 07:28:47 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=20EBCD15-507E-41D5-AACE-CCB0D489747B
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 30 Sep 2021 07:28:47 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 9BBB
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687683238581355749
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687683238581355749
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687683238581355749
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=20EBCD15-507E-41D5-AACE-CCB0D489747B; chkChromeAb67Sec=1; DPSync3=1631577600%3A201_197_219%7C1630454400%3A174; SyncRTB3=1631664000%3A35%7C1630972800%3A223_2_15%7C1631232000%3A63%7C1632960000%3A203%7C1631577600%3A22_166_161_55_13_56_3_71_21_7_54_8_81_220
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 07:28:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-687683238581355749; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 07:28:48 GMT; path=/ PugT=1630394928; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 07:28:48 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 07:28:48 GMT; path=/
x-lat
lhrpug008:0:466
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687683238581355749
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 53B1 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 31 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1143
x-powered-by
ASP.NET
date
Tue, 31 Aug 2021 07:28:47 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F809
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002492891084617876
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002492891084617876
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002492891084617876
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=20EBCD15-507E-41D5-AACE-CCB0D489747B; chkChromeAb67Sec=1; DPSync3=1631577600%3A201_197_219%7C1630454400%3A174; SyncRTB3=1631664000%3A35%7C1630972800%3A223_2_15%7C1631232000%3A63%7C1632960000%3A203%7C1631577600%3A22_166_161_55_13_56_3_71_21_7_54_8_81_220
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 07:28:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7002492891084617876; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 07:28:47 GMT; path=/ PugT=1630394927; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 07:28:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 07:28:47 GMT; path=/
x-lat
amspug014:0:289
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 31 Aug 2021 07:28:47 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7002492891084617876; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002492891084617876
Pug
image2.pubmatic.com/AdServer/ Frame 58D0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeThFN0NXN1FBQUJ1alk3c21QUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADy8E7CW7QAABujY7smPQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADy8E7CW7QAABujY7smPQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADy8E7CW7QAABujY7smPQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=19684702925209638
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADy8E7CW7QAABujY7smPQ
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADy8E7CW7QAABujY7smPQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADy8E7CW7QAABujY7smPQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=20EBCD15-507E-41D5-AACE-CCB0D489747B; chkChromeAb67Sec=1; DPSync3=1631577600%3A201_197_219%7C1630454400%3A174; SyncRTB3=1631664000%3A35%7C1630972800%3A223_2_15%7C1631232000%3A63%7C1632960000%3A203%7C1631577600%3A22_166_161_55_13_56_3_71_21_7_54_8_81_220; KRTBCOOKIE_1101=23040-7002492891084617876; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:be5b612d-da2f-4a00-9a83-1350165ce452&KRTB&16736-uid:be5b612d-da2f-4a00-9a83-1350165ce452&KRTB&23019-uid:be5b612d-da2f-4a00-9a83-1350165ce452&KRTB&23114-uid:be5b612d-da2f-4a00-9a83-1350165ce452; KRTBCOOKIE_377=6810-4e034d5d-e3da-43f9-b3d1-b45a151413b0&KRTB&22918-4e034d5d-e3da-43f9-b3d1-b45a151413b0&KRTB&23031-4e034d5d-e3da-43f9-b3d1-b45a151413b0; KRTBCOOKIE_391=22924-1228675886115935960&KRTB&23263-1228675886115935960; KRTBCOOKIE_336=5844-687683238581355749; KRTBCOOKIE_80=22987-CAESEMvgYxzwJSJfxFEORWHnZO4&KRTB&16514-CAESEMvgYxzwJSJfxFEORWHnZO4&KRTB&23025-CAESEMvgYxzwJSJfxFEORWHnZO4; KRTBCOOKIE_153=19420-fHwqsi4sKrBnKS_ue38153opIONnKX3vLHS12tiZ&KRTB&22979-fHwqsi4sKrBnKS_ue38153opIONnKX3vLHS12tiZ; KRTBCOOKIE_57=22776-3733736052381167460; KRTBCOOKIE_22=14911-2700383727650159174; SPugT=1630394927; KRTBCOOKIE_218=22978-YS3aMAAEUE2w1gA4&KRTB&23194-YS3aMAAEUE2w1gA4&KRTB&23209-YS3aMAAEUE2w1gA4&KRTB&23244-YS3aMAAEUE2w1gA4; KRTBCOOKIE_188=3189-af0d14b0-cbc6-4f0e-b49b-4b995b63e42e-612dda31-4348; PugT=1630394929
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 07:28:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AADy8E7CW7QAABujY7smPQ; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 07:28:49 GMT; path=/ PugT=1630394929; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 07:28:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 07:28:49 GMT; path=/
x-lat
lhrpug020:0:372
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 31 Aug 2021 07:28:49 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADy8E7CW7QAABujY7smPQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 013B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IOvNFVB-QdWqzsyw1Il0ew%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=86466
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 01 Sep 2021 07:29:53 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2142612d-da2f-4500-8f22-3f47f3ddea92
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2142612d-da2f-4500-8f22-3f47f3ddea92
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2142612d-da2f-4500-8f22-3f47f3ddea92
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 07:28:46 GMT
mw
mwzeom.zeotap.com/ Frame 013B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=20EBCD15-507E-41D5-AACE-CCB0D489747B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=4e034d5d-e3da-43f9-b3d1-b45a151413b0&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5570c5bd618c535b2baae1f834857089
  • https://spl.zeotap.com/?zdid=1332&zcluid=370b8aba22af6b98
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c32d13be-9e05-406d-4701-a08c813d0270&reqId=e714b161-47a0-46ee-5bcd-f4043b0abd47&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJKntKPuIaS52_62ZcHnVKQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c32d13be-9e05-406d-4701-a08c813d0270&reqId=e714b161-47a0-46ee-5bcd-f40...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJKntKPuIaS52_62ZcHnVKQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c32d13be-9e05-406d-4701-a08c813d0270&reqId=e714b161-47a0-46ee-5bcd-f4043b0abd47&zcluid=370b8aba22af6b98&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
68748b5098f9dfa5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJKntKPuIaS52_62ZcHnVKQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c32d13be-9e05-406d-4701-a08c813d0270&reqId=e714b161-47a0-46ee-5bcd-f4043b0abd47&zcluid=370b8aba22af6b98&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjBFQkNEMTUtNTA3RS00MUQ1LUFBQ0UtQ0NCMEQ0ODk3NDdC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:629
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMvgYxzwJSJfxFEORWHnZO4&google_cver=1
42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMvgYxzwJSJfxFEORWHnZO4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:610
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMvgYxzwJSJfxFEORWHnZO4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 013B 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 30 Aug 2021 07:28:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1228675886115935960
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1228675886115935960
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1228675886115935960
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:be5b612d-da2f-4a00-9a83-1350165ce452&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:be5b612d-da2f-4a00-9a83-1350165ce452&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:be5b612d-da2f-4a00-9a83-1350165ce452&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 07:28:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4e034d5d-e3da-43f9-b3d1-b45a151413b0
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4e034d5d-e3da-43f9-b3d1-b45a151413b0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:427
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4e034d5d-e3da-43f9-b3d1-b45a151413b0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3733736052381167460&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3733736052381167460&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:550
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7b4b734d-7955-4c59-a40f-e93612cc311f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3733736052381167460&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20EBCD15-507E-41D5-AACE-CCB0D489747B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20EBCD15-507E-41D5-AACE-CCB0D489747B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XoBpUjZE2uVikupbMaxhfN7Pk_.w2Qk-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XoBpUjZE2uVikupbMaxhfN7Pk_.w2Qk-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XoBpUjZE2uVikupbMaxhfN7Pk_.w2Qk-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
20EBCD15-507E-41D5-AACE-CCB0D489747B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 013B 		43 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/20EBCD15-507E-41D5-AACE-CCB0D489747B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fHwqsi4sKrBnKS_ue38153opIONnKX3vLHS12tiZ
42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fHwqsi4sKrBnKS_ue38153opIONnKX3vLHS12tiZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:696
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fHwqsi4sKrBnKS_ue38153opIONnKX3vLHS12tiZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4eb6fe09-2b78-41c7-be36-2cf03f87e0af&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1bf93b4b-bb72-411d-a72c-2d428395ae7c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1bf93b4b-bb72-411d-a72c-2d428395ae7c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:592
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1bf93b4b-bb72-411d-a72c-2d428395ae7c&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 31 Aug 2021 07:28:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700383727650159174&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700383727650159174&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:46 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:427
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700383727650159174&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3aMAAEUE2w1gA4&gdpr=0&gdpr_consent=&_test=YS3aMAAEUE2w1gA4
1 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3aMAAEUE2w1gA4&gdpr=0&gdpr_consent=&_test=YS3aMAAEUE2w1gA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:409
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1630394929.575963,VS0,VE0
x-served-by
cache-fra19120-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS3aMAAEUE2w1gA4&gdpr=0&gdpr_consent=&_test=YS3aMAAEUE2w1gA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 013B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=20EBCD15-507E-41D5-AACE-CCB0D489747B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=af0d14b0-cbc6-4f0e-b49b-4b995b63e42e-612dda31-4348&gdpr=0&gdpr_consent=
42 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=af0d14b0-cbc6-4f0e-b49b-4b995b63e42e-612dda31-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=af0d14b0-cbc6-4f0e-b49b-4b995b63e42e-612dda31-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 013B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6342970-e2c2-4f0c-aadd-00ef5702df1d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6342970-e2c2-4f0c-aadd-00ef5702df1d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:f6342970-e2c2-4f0c-aadd-00ef5702df1d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sd
eu-u.openx.net/w/1.0/ Frame 5FAD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49c6612d-da2f-4200-9f7f-73a79d51deb1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49c6612d-da2f-4200-9f7f-73a79d51deb1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49c6612d-da2f-4200-9f7f-73a79d51deb1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 07:28:46 GMT
sd
us-u.openx.net/w/1.0/ Frame 5FAD
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ZHoJMjYqCTB_LwxuY3kWZ2IvA2N_L15vNHL6juZ-
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ZHoJMjYqCTB_LwxuY3kWZ2IvA2N_L15vNHL6juZ-
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ZHoJMjYqCTB_LwxuY3kWZ2IvA2N_L15vNHL6juZ-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5FAD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 5FAD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=ac98ab3c-d23a-3dcd-5f81-899bf764f5d2&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5FAD 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODBmNzc4ZjYtMWI0ZC02MzY5LTRhNjEtZDMyMjNkODYzYmIy
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5FAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4753
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8745612d-da2f-4e00-92e9-6bcc64853ed0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8745612d-da2f-4e00-92e9-6bcc64853ed0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 07:28:47 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8745612d-da2f-4e00-92e9-6bcc64853ed0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 07:28:46 GMT
sd
us-u.openx.net/w/1.0/ Frame 4753
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_xM5rq1DOazkRjz8qkAmrK0RbvnkGzioqkD8MGFG
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_xM5rq1DOazkRjz8qkAmrK0RbvnkGzioqkD8MGFG
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_xM5rq1DOazkRjz8qkAmrK0RbvnkGzioqkD8MGFG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4753
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1228675886115935960
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4753 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=ac98ab3c-d23a-3dcd-5f81-899bf764f5d2&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4753 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODBmNzc4ZjYtMWI0ZC02MzY5LTRhNjEtZDMyMjNkODYzYmIy
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4753
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECFQ5Z6gZz-2tB7g36BDi6I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D755 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
20ed784d70e42f819e8c8cf2ccc365fc61d3b84a69e3053552990c7a73a10186

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29311
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9354
Expires
Tue, 31 Aug 2021 15:37:18 GMT
bounce
ib.adnxs.com/ Frame AEFA
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ff471fd4-ca5b-4f09-a9db-8379b6b3e688
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c22a16af-1739-4dcc-9875-ee1efef13699
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4AB7 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a3f9b3a1b31270c659141afad3d7971d4044c5fb5b7a122cd8d36f38729a60b3

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMDD=AAjC5AE*; CMST=YS3aL2Et2i8B; CMID=YS3aL-to.p60hZwz5hQ3kAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|31|3|190|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1802
Expires
Tue, 31 Aug 2021 07:28:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
Connection
keep-alive
Set-Cookie
CMID=YS3aL-to.p60hZwz5hQ3kAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 07:28:47 GMT CMPS=5207;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 07:28:47 GMT CMPRO=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 07:28:47 GMT CMRUM3=be612dda2f05a0&2d612dda2f05a0&1f612dda2f05a00&f1612dda2f05a0&e6612dda2f2760&ce612dda2f05a0&03612dda2f05a0&27612dda2f0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 07:28:47 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 07:28:47 GMT
async_usersync
ib.adnxs.com/ Frame 8550 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6f033544-c562-49ee-9f84-031c6924f9cd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4FBD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a0b2d30cbad3f67df5133ebd2da1e1b22894626f1ed0a520a9fce8f1201ea38

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMDD=AAjC5AE*; CMST=YS3aL2Et2i8B; CMID=YS3aL-to.p60hZwz5hQ3kAAA; CMPS=5207; CMPRO=1125; CMRUM3=be612dda2f05a0&2d612dda2f05a0&1f612dda2f05a00&f1612dda2f05a0&e6612dda2f2760&ce612dda2f05a0&03612dda2f05a0&27612dda2f0b40
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|130|4|47|196|5|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1319
Expires
Tue, 31 Aug 2021 07:28:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:47 GMT
Connection
keep-alive
Set-Cookie
CMID=YS3aL-to.p60hZwz5hQ3kAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 07:28:47 GMT CMPS=5207;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 07:28:47 GMT CMPRO=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 07:28:47 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 07:28:47 GMT CMRUM3=2f612dda2f05a0&c4612dda2f05a0&49612dda2f05a0&04612dda2f05a0&f1612dda2f05a0&82612dda2fa8c0&e6612dda2f2760&be612dda2f05a0&33612dda2f05a0&2e612dda2f05a0&27612dda2f0b40&03612dda2f05a0&ce612dda2f05a0&1f612dda2f05a00&2d612dda2f05a0&05612dda2f05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 07:28:47 GMT
container.html
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 594E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 07:28:47 GMT
expires
Wed, 31 Aug 2022 07:28:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 313E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste98cCpDCSt-bBtYvSksWvIXaYEl8_Yx3Ji2al8twATLaJmQoI6Sk4BoAAIULdHzyyjJQrEBV1_9CetiMQGlHULtuyhE2lM6b8w3aJJ309higJJZV2uCdwpgXKNir6DLs_sQMqAJcd-SOEe5Zdo-xiDFq1cvv5anVTAAMfFyqC4CKPoDLHeoA28jadtHF4cAc9ugxtsholS_9MwCBquyKBVJH3EGxz1iNFCr-754OsBC5g-PPblFIthVy0hwO-UfXfAdyotkcfu1AYWT7D4Q_J4SimjUYsEGH8rKn63Ooovk7F6qabwUkUkWaZSAIB9ZNRmXn15AMN5QzCqtJTCA&sig=Cg0ArKJSzO7knFwSXt7jEAE&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 313E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 07:25:23 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 313E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 07:05:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 313E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:48 GMT
l
www.google.com/ads/measurement/ Frame 313E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9KHvE0dT9nSVZk5_X3-alnM8d5pwyKhOKyBN30ovZeOpbclebB4whRgl99eLlqDwNjGrbgU2lJWTDz9Ri5a4bmVnXlw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
o_1e4qbdn7s1bstpm1vdp1agt536b.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20200401/ Frame 313E 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20200401/o_1e4qbdn7s1bstpm1vdp1agt536b.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
d3df886868cef418a6ae1a933fe3342e5a15b6ec0641372da919c878e66b82bf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
last-modified
Wed, 01 Apr 2020 07:48:52 GMT
server
NWS_Oversea_AP
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
06d5cb97-ef56-42ce-94c2-af9b2605be99
accept-ranges
bytes
content-length
50853
expires
Thu, 30 Sep 2021 07:28:47 GMT
integrator.js
adservice.google.ch/adsid/ Frame E576 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E576 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E576 		671 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1098073186822173&correlator=3547103099798849&output=ldjh&impl=fif&eid=31061422%2C31062367%2C21068863%2C31062351%2C31062297&vrg=2021082301&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D12fa8dc2a9593f16%3AT%3D1630394927%3AS%3DALNI_MZQrMnme6_-2bgdQ7UDnrElVHBUuA&cdm=www.sanook.com&bc=31&abxe=1&lmt=1630394928&dt=1630394928063&dlt=1630394927541&idt=511&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=j6w1vuqnx9r9&ifi=1&ifk=79163051&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&top=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1272340616.1630394928&ga_sid=1630394928&ga_hid=1469259060&ga_fc=false&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ae7c787ef356b15422276f27e7e790dcc209a764ab7cd5657f4de705990bafb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45689
x-xss-protection
0
google-lineitem-id
5546075965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331849821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1219 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 07:28:48 GMT
expires
Wed, 31 Aug 2022 07:28:48 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usermatchredir
ssum-sec.casalemedia.com/ Frame 4AB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECAHS8Fn3Kc2r748w-dWdCI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECAHS8Fn3Kc2r748w-dWdCI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECAHS8Fn3Kc2r748w-dWdCI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4AB7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4AB7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS3aL-to.p60hZwz5hQ3kAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:49 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4AB7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7X8C3XNCKV3FD3BX80J2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PFAEDHV3NGYBQ14E0A0K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
noop
px.owneriq.net/ Frame 4AB7
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836813282094665405&uid=Q6836813282094665405&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:51 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 31 Aug 2021 07:28:51 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 4AB7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=49c6612d-da2f-4200-9f7f-73a79d51deb1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=49c6612d-da2f-4200-9f7f-73a79d51deb1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:49 GMT

Redirect headers

Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=49c6612d-da2f-4200-9f7f-73a79d51deb1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 07:28:47 GMT
crum
dsum.casalemedia.com/ Frame 4AB7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3733736052381167460
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3733736052381167460
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:48 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
324883a6-c8a6-4e90-a995-17435b189251
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3733736052381167460
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4AB7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB
Connection
keep-alive
Content-Length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4AB7 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS3aL-to.p60hZwz5hQ3kAAA%261125
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3337
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 08:24:25 GMT
truncated
/ Frame 313E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa4a4a400e2bcb7e23f8e2e606efa1671d31f4de80da0c975a9ebafa0a058ad6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame C895 		478 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMW7lQEQ4oWWARjBg-VRMAE&v=APEucNWcjYFD1oyuGmVHHh79wOwa2r5TmTGFUZUnfwtr71atjkTJb4yNmg0pAuh5AYghf_O5ZiAWDuG53oojUNbUbOGq55YH4A
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMW7lQEQ4oWWARjBg-VRMAE&v=APEucNWcjYFD1oyuGmVHHh79wOwa2r5TmTGFUZUnfwtr71atjkTJb4yNmg0pAuh5AYghf_O5ZiAWDuG53oojUNbUbOGq55YH4A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUklyjBR6wN0fH2KVE0iQqF1yp_fVJBL2wRjVgpiRetG3X5Lm1u3v_uRO9Fc7m0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 31 Aug 2021 07:28:48 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 594E 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Df6zD4WzKT7lFsQXaLi3FuuIN6N24gVD13ocsMCGgLwOOkuKTbx5s3bqtORUNM3znOW7N6k9J7DWd2BKf1zzSwq-LflZUN_4bEXJYTWVqhEJXT770qPtW1ktjJIX3rUT4dBHoW8wa9wqu4eFIGrUcRm0Ne8g&dbm_d=AKAmf-A2dlk6yok-T9CpRAWm51-lnQIsgx7iVo351NWjqgUq44UaXfdW30-SNvGY09CiFxQMJke53wc_pCMLiBmNekSzckfsHttJXETGY7YZ21fil4mFbo3HmcfR-XUlORathYdQ5CbObQuTDzBabzqvGSSBO4HaGcG9E_HlX2hSA-MVs6eIYzlJERbfuEY15geAAchVX2ZbeNLuYcstQ6FOpakk2BxkIdd8Ad5dRBuaJ-CtD4mQrsR5qA0CnnmJhKEg83B1bX0QNcOZgYL52VADbkDzTbviJZmXJDk30cfcRgqlvPhw8Qzchmy9urTMDrQf3zum_uWUy12lcvNzAk1bcQE65CmHSqcjxZPWTlKnKm-WaOnG5NPY9OobMFII5BCpbjocAT16tHzHG9mm_0D7hW0B2X4ebLz1ncl0VfVtp6e-8sTTJBHxqgv-Izq00XFsClvj3WVmaWJfYaVII8uNeGZPuTq3F8dKQh454GaoxT9vFwmLkAGuEikqE5a46hVC4GYGTLN6GbqKvX6j7gbg9npRnZb8dQZV4ppn8lHp0ZCRrbWLZY3dvrp8y5-zWmCm6sqcBwreKFwA3o0zMXv0zSLnV-hUu3eRqdf_bps0mBqyWk-suQR2WAljFt_pPlBa_wamQWefkVyDCNUfSDQd9aTAjV-KwxeuLEdEtQM9sCLA88C-bWdXgY2W4cUg8si2QPoQz6vJdZ7-Jn_S5old482tibjJIfHfwvbSi1qkJZx1R6XKo9aV01AsJpJhCRtg1_FTEhcd12Qf54bY8psdsoDMfjwkvWTp-jX5rmvVEcuXzKXpkqLU0VsZD4J4jFwUmtVQixV26Ir7aLnbGQz3tWHCBg47CIEuN6XtWctU9WIMluoqAsy_kw_j0gTJbd7pL40U6HMWnLj8fN0RUkjqf6fEXLF-JEIvJtEbutGlVrAM6EKd9p1aEqEMLyrPtUsNI0QoD6oaf2G9v4FivniP5S7k2EBP5h3xvnRwiBBzNHOwvBOxPEaWHFWBVd_Agzik7HdkwKR_FSUifxw5Dx-HfKcyZLCEOkvQB2zyvHBZoxwoxrE8KAd9QuejtssSV8K8EiRSV09KfcpbLQMB1yJR9O_1hYBTfV0q4bslg7siUQDJhvySssYPXq62MTp0-ftEAkF5O8WRYHbM0lYsjbVjasMheUC1gfw2fRT5vpYUHv3eL2S3gN-y9RMvlYCheib4-Fv73qkKqzwvlO7fA08LB31Mtv-YcP0uQMdyTPIdt5FX3xcrLrFDlwtWaT4XUZOhYZnsZu1ucNZLHUjvBNA_quJ5e01zi4qbzyPxug6QUGn8PEFSzTWXy6NOfvd2CbTrzpxU5mtWkkixp1P6f0lUSLdHkv39GkO7uRrECFPXMFCo0vaLPkOrsvv9twYHu-Z6AhM3IWm1rtEmWUBlfq2PzlG-_TkDhjUkItSVTbMkve6ciGVUalxB1jLUr_suj47Dxb8Cx3nWzAx8dkx3jXuCbrG_cHD3UghqfosP7zMRqLtC9liPgiNAJvsxiOp0LcDEJk-d6dhrwE8XFyMA7y_eKV1qPMiCkIAq4yK7kmPL99aI8xlSZeqLb4rghxBCflIqVXDnRE97Bv8nMfmIPGxYCyhJ1OdojoEHP6FX-SSHhfsyaD_8NFaG0wj1vIkN5dUwd9puN7Wn0b61j63bWFrtrz8VKn3JLHyH7asuvPlq0VHch5grG8CiFC08Lr2Q8z5gm8JFrAQPSzgnZRJ1M9eFb-gNsoWLYff6FDlr4v4e99Eu5MHoQOCQ4GFfp3mKz1daVMaeeMIeLfwnvE3SYjRwczL7osqKHZhSjCq_DCaL4VhbgWhe73LAfF6NYAebhNNQJXM8rQkvnrjnvj-FfhqU2IblwQD96I0hXUO4QuSZCohRLl8d3YeG5FqE1J5jg8elXGg19vfqLkBa4XdnDipIu9jAWCzzoF5RlwW2w-hnIhPLoggJ9B6YTbIMKLHeyQzebL-WrDskSCVNPPFZDRQK1qNIOSFPKuqgZfAOxmq9tUBywSxcAPXya6i5XT0celkvfOQ4-ywUKI5dwk9Aiik8CbMUM_xxXKa4jkjUFFX1xRamj92YOh1JtFGTynhvVW10rj1XFgPzSByhXHpAnmvayISEjhXWtmTIf4Vz1_BY0PCRtrTpxdzwU2BIDeTDq4cIHWJunoZiRThx3KiZBU5jGUleaZ147OcHbfRhjpKfdIKkNCc46MkB5iHXgr0u2_Q9qcQYM8yRe9HaweDevYEMSozftei5ELFsyefh6brtoIRxq3YqF0yep0tQCyW1UTxMFDxD7YgZ_Bj75uRLoBWSCAPyZu6ymrqWXAilmIQGpq9DS8HZCa1RMuLgOI4OIEun6ypeuo3rQY63InUvY5TzVC_RibI-XfIn7Rb7ps_WpyHBwgdlzCH6ZJpgrI7N9dR39FKDgALG7-jePjZUzwKB6PG5l--sbUfl5qohOVxnQxVCMKDJBADorM4A9FE3__r44lViS9GpuT7U7ZLh9QqzYYBG-SRupH_pyF7x3_uOIQV7mASepVwoplOF4jCtLtizPsxd9f-PjRWCpInHwDYdv1WW_tjEv0AwzXgJfw47vBkMcEnmot4NV1kUYrGXO8PCzJ5XU4GrhNZ9pn-GoDzuByGmoOB2PqhVTixTLbBqRskn8o6ChWRs1O-aWeu1x46ELR91mZZ_Ztca0ZEJSzfJk_nPXLmeMN7MII5IiyroXbH6QJ2v6F-lRk0REt-4ok6dc_gWia2gG3E4-MkBApUOyjCSJAJbw7QHLjrZsGlQkMHmV2yCwX9VlrxUe830p2WUpCi9F5Sc0bWj9WCag3GxcOe9-vTY3DzeL3TQB3bmA3trgQFD8GFf_MS7haBOZbfbh4D160eqNxcNjbqafrVpqloEQKuqcu8sjRB48fXo85anxpt2POglFk1X4Xxezq9jpAnyKKlJkjwK40ZWaHdLFKcSN61iuolFxpemJVT_uDzBe12FQwzzRia_9oUfLiaiXsGOHx0Sz0C1mKuHNHv_s99e9MT5K-MOD-5aKruG5Zi4Zrs0kqtu6XvbGYmO5NQoTsu6hBoARQv7P8VdFcddNzsklO7_XXHj7Lwykw1LhqVbHwsGfZKOFb2Xry0DruIp4f2Wha2SBEYrpJvU_LIxVTiZrAqMH0iTZmOSggQhVViZUo2Ya1M&cid=CAASEuRoBSkJnM1y1VSYhNv6sSdu3w&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eb92b401669c1f65054283ba711ae97095d824fb31765559b7e36ba43fc7c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28656
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 594E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAyB8P5AiY2V2gHvq7nxLpe7yMyxAZUqs7gPEBW9iMnr9G82gvclBIB5f2lhg4y0305D_zkWJsx4Qin60Tu89yuJLB7JXWV68tBGd3pge-Mn0Qjvs
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 594E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 06:48:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 594E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 594E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 07:22:55 GMT
l
www.google.com/ads/measurement/ Frame 594E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQalDKjniaxcu45HiSFPKh18CDMMpXLt83nfVNyYmn9W1ertnwY54dwxSFjJEFxgITdqnspZdzniNvNo2Wno9NMkhqVoQ
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 4FBD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3733736052381167460
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3733736052381167460
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:49 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f87fe4d8-3f17-46ac-96b2-61928d0188c0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3733736052381167460
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4FBD 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YS3aL_to-p60hZwz5hQ3kAAABGUAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4FBD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADy8E7CW7QAABujY7smPQ&expiration=1631604528
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADy8E7CW7QAABujY7smPQ&expiration=1631604528
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:49 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADy8E7CW7QAABujY7smPQ&expiration=1631604528
Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 4FBD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700383727650159174
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700383727650159174
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:49 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700383727650159174
pragma
no-cache
date
Tue, 31 Aug 2021 07:28:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4FBD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0JTqV1a01MkYcr5
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0JTqV1a01MkYcr5&C=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0JTqV1a01MkYcr5&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:51 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0JTqV1a01MkYcr5&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Tue, 31 Aug 2021 07:28:51 GMT
crum
dsum-sec.casalemedia.com/ Frame 4FBD
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_612dda334fe9f&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_612dda334fe9f
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_612dda334fe9f&C=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_612dda334fe9f&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:51 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_612dda334fe9f&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
287
Expires
Tue, 31 Aug 2021 07:28:51 GMT
ix
ad4m.at/ad/sim/ Frame 4FBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c06a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame 4FBD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=1bf93b4b-bb72-411d-a72c-2d428395ae7c&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_eb00efdb-14e2-42b6-92f1-ed2ccac8f1d5&bsw_param=1bf93b4b-bb72-411d-a72c-2d428395ae7c&expires=10
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=1bf93b4b-bb72-411d-a72c-2d428395ae7c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=1bf93b4b-bb72-411d-a72c-2d428395ae7c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:48 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=1bf93b4b-bb72-411d-a72c-2d428395ae7c
date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4FBD 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS3aL-to.p60hZwz5hQ3kAAA%261125
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3337
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 08:24:25 GMT
pixel
cm.g.doubleclick.net/ Frame D755
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaUjFMREctMVotMUIwRg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaUjFMREctMVotMUIwRg==
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaUjFMREctMVotMUIwRg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame D755 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D755
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjOTg4OGUwZWM4MThmNjlkODY0ZDU5OWUwMGEyODg3M2RlYTZmMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjOTg4OGUwZWM4MThmNjlkODY0ZDU5OWUwMGEyODg3M2RlYTZmMA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGZjOTg4OGUwZWM4MThmNjlkODY0ZDU5OWUwMGEyODg3M2RlYTZmMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D755
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkzkrITHwX1Ky5cWcAeidM&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkzkrITHwX1Ky5cWcAeidM&google_cver=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJkzkrITHwX1Ky5cWcAeidM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame D755
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZR1LDG-1Z-1B0F&sigv=1&esig=2~f4f4687531bfeb26bd58f8053c7b8fc16c7589d7
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZR1LDG-1Z-1B0F&sigv=1&esig=2~f4f4687531bfeb26bd58f8053c7b8fc16c7589d7
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:51 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZR1LDG-1Z-1B0F&sigv=1&esig=2~f4f4687531bfeb26bd58f8053c7b8fc16c7589d7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D755
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xwXIrLfirC5kpKjEF28u88n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=74534533770410898
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=74534533770410898
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Tue, 31 Aug 2021 07:28:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=74534533770410898
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D755
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=49c6612d-da2f-4200-9f7f-73a79d51deb1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=49c6612d-da2f-4200-9f7f-73a79d51deb1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Date
Tue, 31 Aug 2021 07:28:48 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=49c6612d-da2f-4200-9f7f-73a79d51deb1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 07:28:47 GMT
709414.gif
id.rlcdn.com/ Frame D755 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
via
1.1 google
alt-svc
clear
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 313E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWYKKbj28ORCUOLX3B9ZTiUWrpAkm3S-9hPXpQFZevg9PqutzmM_05IJCMonZiYq0mcEqoJP8ScUaAA3f4gFxDwhSUN1GxaDr_VH8FeDfET2XNunI-_Jt6ZBSKR2aOThkh6djTBdDflfeF1vxP1Tu1wlnBN4wUL4FJqdfNmRw2ER3cLGLOAwZ-dg_dnIdOe_QW8gxKUbBJjQ3jHyzzVVNaO7SfdhO4NTjisuLZ2yCXhotSZArrJrWFSY2yaXAS9f2pVMGM4lAxFRJGg_hisKuY6rU1r73ZKFZOym7c1MxcN_8larkCYyHmGHmJLSAQ0OjtAROrMbQo6pHf_VW2ZidZ&sig=Cg0ArKJSzOiU5jZUGJ2PEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 07:28:48 GMT
pixel
cm.g.doubleclick.net/ Frame C895 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMW7lQEQ4oWWARjBg-VRMAE&v=APEucNWcjYFD1oyuGmVHHh79wOwa2r5TmTGFUZUnfwtr71atjkTJb4yNmg0pAuh5AYghf_O5ZiAWDuG53oojUNbUbOGq55YH4A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C895
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMW7lQEQ4oWWARjBg-VRMAE&v=APEucNWcjYFD1oyuGmVHHh79wOwa2r5TmTGFUZUnfwtr71atjkTJb4yNmg0pAuh5AYghf_O5ZiAWDuG53oojUNbUbOGq55YH4A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:49 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C895
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS3aL-to.p60hZwz5hQ3kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMW7lQEQ4oWWARjBg-VRMAE&v=APEucNWcjYFD1oyuGmVHHh79wOwa2r5TmTGFUZUnfwtr71atjkTJb4yNmg0pAuh5AYghf_O5ZiAWDuG53oojUNbUbOGq55YH4A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 07:28:49 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcPpMolgLzUE6sM6CNSe4g&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E576 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuBx5YFuCpGqXCoVHaTkN7IeM5W3lZQd9KxOpBRAGs38_4qgb0ckqV8QqSD-mV9o5-ogPl0dIFY3JJ7tsvENoTTcLpkDoWd1B2_v5qAFrR3R-taCiaSWPzT5EK9a6clkOW8kEwZOU7HI6E_kNMFz_Uvuc_zM82mDI2AT8POZCzevnBAdaCYVAllIFWGC5XXbeaxy7pFvhJGyQcP0Rv-SqYiMieShFcK_czAPFIpiYHRe14A0g9EddYrnLhqyznyP-uSYF94Nyi8b-gYDW7bNafeZfvll1B20siJxoDCrEG4Fbdlo7eetOVvbdJomck7VGH1fPBqloI-7y0C3o34iPdhnx893e7&sai=AMfl-YSf5aJLxquVAxAJ-LrxIHSX3w6gHt_rLtoFrqb6aWYb1cXfSht7v51HSexbkofGGI6dMjtA9CALVaDSJSa6NqzQDv7gUlKQ87_JkJcrbL8JuqjHN5MIAGFEgPVmhRI&sig=Cg0ArKJSzAB_EYm_MV1jEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 07:28:48 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 594E 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 12:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Aug 2021 12:38:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/ Frame 594E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Df6zD4WzKT7lFsQXaLi3FuuIN6N24gVD13ocsMCGgLwOOkuKTbx5s3bqtORUNM3znOW7N6k9J7DWd2BKf1zzSwq-LflZUN_4bEXJYTWVqhEJXT770qPtW1ktjJIX3rUT4dBHoW8wa9wqu4eFIGrUcRm0Ne8g&dbm_d=AKAmf-A2dlk6yok-T9CpRAWm51-lnQIsgx7iVo351NWjqgUq44UaXfdW30-SNvGY09CiFxQMJke53wc_pCMLiBmNekSzckfsHttJXETGY7YZ21fil4mFbo3HmcfR-XUlORathYdQ5CbObQuTDzBabzqvGSSBO4HaGcG9E_HlX2hSA-MVs6eIYzlJERbfuEY15geAAchVX2ZbeNLuYcstQ6FOpakk2BxkIdd8Ad5dRBuaJ-CtD4mQrsR5qA0CnnmJhKEg83B1bX0QNcOZgYL52VADbkDzTbviJZmXJDk30cfcRgqlvPhw8Qzchmy9urTMDrQf3zum_uWUy12lcvNzAk1bcQE65CmHSqcjxZPWTlKnKm-WaOnG5NPY9OobMFII5BCpbjocAT16tHzHG9mm_0D7hW0B2X4ebLz1ncl0VfVtp6e-8sTTJBHxqgv-Izq00XFsClvj3WVmaWJfYaVII8uNeGZPuTq3F8dKQh454GaoxT9vFwmLkAGuEikqE5a46hVC4GYGTLN6GbqKvX6j7gbg9npRnZb8dQZV4ppn8lHp0ZCRrbWLZY3dvrp8y5-zWmCm6sqcBwreKFwA3o0zMXv0zSLnV-hUu3eRqdf_bps0mBqyWk-suQR2WAljFt_pPlBa_wamQWefkVyDCNUfSDQd9aTAjV-KwxeuLEdEtQM9sCLA88C-bWdXgY2W4cUg8si2QPoQz6vJdZ7-Jn_S5old482tibjJIfHfwvbSi1qkJZx1R6XKo9aV01AsJpJhCRtg1_FTEhcd12Qf54bY8psdsoDMfjwkvWTp-jX5rmvVEcuXzKXpkqLU0VsZD4J4jFwUmtVQixV26Ir7aLnbGQz3tWHCBg47CIEuN6XtWctU9WIMluoqAsy_kw_j0gTJbd7pL40U6HMWnLj8fN0RUkjqf6fEXLF-JEIvJtEbutGlVrAM6EKd9p1aEqEMLyrPtUsNI0QoD6oaf2G9v4FivniP5S7k2EBP5h3xvnRwiBBzNHOwvBOxPEaWHFWBVd_Agzik7HdkwKR_FSUifxw5Dx-HfKcyZLCEOkvQB2zyvHBZoxwoxrE8KAd9QuejtssSV8K8EiRSV09KfcpbLQMB1yJR9O_1hYBTfV0q4bslg7siUQDJhvySssYPXq62MTp0-ftEAkF5O8WRYHbM0lYsjbVjasMheUC1gfw2fRT5vpYUHv3eL2S3gN-y9RMvlYCheib4-Fv73qkKqzwvlO7fA08LB31Mtv-YcP0uQMdyTPIdt5FX3xcrLrFDlwtWaT4XUZOhYZnsZu1ucNZLHUjvBNA_quJ5e01zi4qbzyPxug6QUGn8PEFSzTWXy6NOfvd2CbTrzpxU5mtWkkixp1P6f0lUSLdHkv39GkO7uRrECFPXMFCo0vaLPkOrsvv9twYHu-Z6AhM3IWm1rtEmWUBlfq2PzlG-_TkDhjUkItSVTbMkve6ciGVUalxB1jLUr_suj47Dxb8Cx3nWzAx8dkx3jXuCbrG_cHD3UghqfosP7zMRqLtC9liPgiNAJvsxiOp0LcDEJk-d6dhrwE8XFyMA7y_eKV1qPMiCkIAq4yK7kmPL99aI8xlSZeqLb4rghxBCflIqVXDnRE97Bv8nMfmIPGxYCyhJ1OdojoEHP6FX-SSHhfsyaD_8NFaG0wj1vIkN5dUwd9puN7Wn0b61j63bWFrtrz8VKn3JLHyH7asuvPlq0VHch5grG8CiFC08Lr2Q8z5gm8JFrAQPSzgnZRJ1M9eFb-gNsoWLYff6FDlr4v4e99Eu5MHoQOCQ4GFfp3mKz1daVMaeeMIeLfwnvE3SYjRwczL7osqKHZhSjCq_DCaL4VhbgWhe73LAfF6NYAebhNNQJXM8rQkvnrjnvj-FfhqU2IblwQD96I0hXUO4QuSZCohRLl8d3YeG5FqE1J5jg8elXGg19vfqLkBa4XdnDipIu9jAWCzzoF5RlwW2w-hnIhPLoggJ9B6YTbIMKLHeyQzebL-WrDskSCVNPPFZDRQK1qNIOSFPKuqgZfAOxmq9tUBywSxcAPXya6i5XT0celkvfOQ4-ywUKI5dwk9Aiik8CbMUM_xxXKa4jkjUFFX1xRamj92YOh1JtFGTynhvVW10rj1XFgPzSByhXHpAnmvayISEjhXWtmTIf4Vz1_BY0PCRtrTpxdzwU2BIDeTDq4cIHWJunoZiRThx3KiZBU5jGUleaZ147OcHbfRhjpKfdIKkNCc46MkB5iHXgr0u2_Q9qcQYM8yRe9HaweDevYEMSozftei5ELFsyefh6brtoIRxq3YqF0yep0tQCyW1UTxMFDxD7YgZ_Bj75uRLoBWSCAPyZu6ymrqWXAilmIQGpq9DS8HZCa1RMuLgOI4OIEun6ypeuo3rQY63InUvY5TzVC_RibI-XfIn7Rb7ps_WpyHBwgdlzCH6ZJpgrI7N9dR39FKDgALG7-jePjZUzwKB6PG5l--sbUfl5qohOVxnQxVCMKDJBADorM4A9FE3__r44lViS9GpuT7U7ZLh9QqzYYBG-SRupH_pyF7x3_uOIQV7mASepVwoplOF4jCtLtizPsxd9f-PjRWCpInHwDYdv1WW_tjEv0AwzXgJfw47vBkMcEnmot4NV1kUYrGXO8PCzJ5XU4GrhNZ9pn-GoDzuByGmoOB2PqhVTixTLbBqRskn8o6ChWRs1O-aWeu1x46ELR91mZZ_Ztca0ZEJSzfJk_nPXLmeMN7MII5IiyroXbH6QJ2v6F-lRk0REt-4ok6dc_gWia2gG3E4-MkBApUOyjCSJAJbw7QHLjrZsGlQkMHmV2yCwX9VlrxUe830p2WUpCi9F5Sc0bWj9WCag3GxcOe9-vTY3DzeL3TQB3bmA3trgQFD8GFf_MS7haBOZbfbh4D160eqNxcNjbqafrVpqloEQKuqcu8sjRB48fXo85anxpt2POglFk1X4Xxezq9jpAnyKKlJkjwK40ZWaHdLFKcSN61iuolFxpemJVT_uDzBe12FQwzzRia_9oUfLiaiXsGOHx0Sz0C1mKuHNHv_s99e9MT5K-MOD-5aKruG5Zi4Zrs0kqtu6XvbGYmO5NQoTsu6hBoARQv7P8VdFcddNzsklO7_XXHj7Lwykw1LhqVbHwsGfZKOFb2Xry0DruIp4f2Wha2SBEYrpJvU_LIxVTiZrAqMH0iTZmOSggQhVViZUo2Ya1M&cid=CAASEuRoBSkJnM1y1VSYhNv6sSdu3w&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 07:27:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 594E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Df6zD4WzKT7lFsQXaLi3FuuIN6N24gVD13ocsMCGgLwOOkuKTbx5s3bqtORUNM3znOW7N6k9J7DWd2BKf1zzSwq-LflZUN_4bEXJYTWVqhEJXT770qPtW1ktjJIX3rUT4dBHoW8wa9wqu4eFIGrUcRm0Ne8g&dbm_d=AKAmf-A2dlk6yok-T9CpRAWm51-lnQIsgx7iVo351NWjqgUq44UaXfdW30-SNvGY09CiFxQMJke53wc_pCMLiBmNekSzckfsHttJXETGY7YZ21fil4mFbo3HmcfR-XUlORathYdQ5CbObQuTDzBabzqvGSSBO4HaGcG9E_HlX2hSA-MVs6eIYzlJERbfuEY15geAAchVX2ZbeNLuYcstQ6FOpakk2BxkIdd8Ad5dRBuaJ-CtD4mQrsR5qA0CnnmJhKEg83B1bX0QNcOZgYL52VADbkDzTbviJZmXJDk30cfcRgqlvPhw8Qzchmy9urTMDrQf3zum_uWUy12lcvNzAk1bcQE65CmHSqcjxZPWTlKnKm-WaOnG5NPY9OobMFII5BCpbjocAT16tHzHG9mm_0D7hW0B2X4ebLz1ncl0VfVtp6e-8sTTJBHxqgv-Izq00XFsClvj3WVmaWJfYaVII8uNeGZPuTq3F8dKQh454GaoxT9vFwmLkAGuEikqE5a46hVC4GYGTLN6GbqKvX6j7gbg9npRnZb8dQZV4ppn8lHp0ZCRrbWLZY3dvrp8y5-zWmCm6sqcBwreKFwA3o0zMXv0zSLnV-hUu3eRqdf_bps0mBqyWk-suQR2WAljFt_pPlBa_wamQWefkVyDCNUfSDQd9aTAjV-KwxeuLEdEtQM9sCLA88C-bWdXgY2W4cUg8si2QPoQz6vJdZ7-Jn_S5old482tibjJIfHfwvbSi1qkJZx1R6XKo9aV01AsJpJhCRtg1_FTEhcd12Qf54bY8psdsoDMfjwkvWTp-jX5rmvVEcuXzKXpkqLU0VsZD4J4jFwUmtVQixV26Ir7aLnbGQz3tWHCBg47CIEuN6XtWctU9WIMluoqAsy_kw_j0gTJbd7pL40U6HMWnLj8fN0RUkjqf6fEXLF-JEIvJtEbutGlVrAM6EKd9p1aEqEMLyrPtUsNI0QoD6oaf2G9v4FivniP5S7k2EBP5h3xvnRwiBBzNHOwvBOxPEaWHFWBVd_Agzik7HdkwKR_FSUifxw5Dx-HfKcyZLCEOkvQB2zyvHBZoxwoxrE8KAd9QuejtssSV8K8EiRSV09KfcpbLQMB1yJR9O_1hYBTfV0q4bslg7siUQDJhvySssYPXq62MTp0-ftEAkF5O8WRYHbM0lYsjbVjasMheUC1gfw2fRT5vpYUHv3eL2S3gN-y9RMvlYCheib4-Fv73qkKqzwvlO7fA08LB31Mtv-YcP0uQMdyTPIdt5FX3xcrLrFDlwtWaT4XUZOhYZnsZu1ucNZLHUjvBNA_quJ5e01zi4qbzyPxug6QUGn8PEFSzTWXy6NOfvd2CbTrzpxU5mtWkkixp1P6f0lUSLdHkv39GkO7uRrECFPXMFCo0vaLPkOrsvv9twYHu-Z6AhM3IWm1rtEmWUBlfq2PzlG-_TkDhjUkItSVTbMkve6ciGVUalxB1jLUr_suj47Dxb8Cx3nWzAx8dkx3jXuCbrG_cHD3UghqfosP7zMRqLtC9liPgiNAJvsxiOp0LcDEJk-d6dhrwE8XFyMA7y_eKV1qPMiCkIAq4yK7kmPL99aI8xlSZeqLb4rghxBCflIqVXDnRE97Bv8nMfmIPGxYCyhJ1OdojoEHP6FX-SSHhfsyaD_8NFaG0wj1vIkN5dUwd9puN7Wn0b61j63bWFrtrz8VKn3JLHyH7asuvPlq0VHch5grG8CiFC08Lr2Q8z5gm8JFrAQPSzgnZRJ1M9eFb-gNsoWLYff6FDlr4v4e99Eu5MHoQOCQ4GFfp3mKz1daVMaeeMIeLfwnvE3SYjRwczL7osqKHZhSjCq_DCaL4VhbgWhe73LAfF6NYAebhNNQJXM8rQkvnrjnvj-FfhqU2IblwQD96I0hXUO4QuSZCohRLl8d3YeG5FqE1J5jg8elXGg19vfqLkBa4XdnDipIu9jAWCzzoF5RlwW2w-hnIhPLoggJ9B6YTbIMKLHeyQzebL-WrDskSCVNPPFZDRQK1qNIOSFPKuqgZfAOxmq9tUBywSxcAPXya6i5XT0celkvfOQ4-ywUKI5dwk9Aiik8CbMUM_xxXKa4jkjUFFX1xRamj92YOh1JtFGTynhvVW10rj1XFgPzSByhXHpAnmvayISEjhXWtmTIf4Vz1_BY0PCRtrTpxdzwU2BIDeTDq4cIHWJunoZiRThx3KiZBU5jGUleaZ147OcHbfRhjpKfdIKkNCc46MkB5iHXgr0u2_Q9qcQYM8yRe9HaweDevYEMSozftei5ELFsyefh6brtoIRxq3YqF0yep0tQCyW1UTxMFDxD7YgZ_Bj75uRLoBWSCAPyZu6ymrqWXAilmIQGpq9DS8HZCa1RMuLgOI4OIEun6ypeuo3rQY63InUvY5TzVC_RibI-XfIn7Rb7ps_WpyHBwgdlzCH6ZJpgrI7N9dR39FKDgALG7-jePjZUzwKB6PG5l--sbUfl5qohOVxnQxVCMKDJBADorM4A9FE3__r44lViS9GpuT7U7ZLh9QqzYYBG-SRupH_pyF7x3_uOIQV7mASepVwoplOF4jCtLtizPsxd9f-PjRWCpInHwDYdv1WW_tjEv0AwzXgJfw47vBkMcEnmot4NV1kUYrGXO8PCzJ5XU4GrhNZ9pn-GoDzuByGmoOB2PqhVTixTLbBqRskn8o6ChWRs1O-aWeu1x46ELR91mZZ_Ztca0ZEJSzfJk_nPXLmeMN7MII5IiyroXbH6QJ2v6F-lRk0REt-4ok6dc_gWia2gG3E4-MkBApUOyjCSJAJbw7QHLjrZsGlQkMHmV2yCwX9VlrxUe830p2WUpCi9F5Sc0bWj9WCag3GxcOe9-vTY3DzeL3TQB3bmA3trgQFD8GFf_MS7haBOZbfbh4D160eqNxcNjbqafrVpqloEQKuqcu8sjRB48fXo85anxpt2POglFk1X4Xxezq9jpAnyKKlJkjwK40ZWaHdLFKcSN61iuolFxpemJVT_uDzBe12FQwzzRia_9oUfLiaiXsGOHx0Sz0C1mKuHNHv_s99e9MT5K-MOD-5aKruG5Zi4Zrs0kqtu6XvbGYmO5NQoTsu6hBoARQv7P8VdFcddNzsklO7_XXHj7Lwykw1LhqVbHwsGfZKOFb2Xry0DruIp4f2Wha2SBEYrpJvU_LIxVTiZrAqMH0iTZmOSggQhVViZUo2Ya1M&cid=CAASEuRoBSkJnM1y1VSYhNv6sSdu3w&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 07:26:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CAEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-VfVQONPjquPM3395An7LNzXkIk5qW3Zj07-W5SNo38KlcLQZN7dWangL1WetZJOBTMswde4H5q4FEXzLpOFFUP4wCbPzbiVvEEswsT5gohr-o0MAiUBEL_mlVxqthpU7xHtQqgde2jHzZNkBtJxTVXiiosp7HxEUr4YgevSAIhwI1X0BOM79UwlVFpwlpr179CjY241Us_ikxkz5DG-7-VsOwoDwfbtmp35Xd32HTmITV38QNtOQfjqMJ8elcOQNg1yqOz7Lusft-OKAsjQGxdeL9Qt3tvLOxTBc3uto5vXEaUhiCzyvPdPFzKZt&sig=Cg0ArKJSzNkgzY0Ky1SfEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame CAEF 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 06:18:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAEF 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:48 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame E576 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E576 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13b292735840b3088bad3d16cbd31ff3735b8e59c10628f56daab9c52abce0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8419
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E576 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:48 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/ Frame B9E4 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa8e239dac0c9b6ba9976deb9ddc7a116cc9394743d47d465debec9b8dfc0f7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6845
date
Tue, 31 Aug 2021 07:28:48 GMT
expires
Wed, 01 Sep 2021 07:28:48 GMT
cache-control
public, max-age=86400
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 594E 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu_CE6rrimfcpW2SFKAYqDreCgbZgJhAqlHZu_ZSJG-8BjKqo8G724FoQ2nM3c-a_wkABBJboRAmoTHIDxrRheICIDNKCtsuVuMIDREAUw6Q4tD6Sso11kfp49g9_o21Hd986XPURD5b8Eu-8oo1XWbFW8Jlkfkxci4cBvfsv7serHuzoCguPrgvcB41hmZRHPlBklsD7BGlxZMVYFGngFmJJqgYHFJnP3oztjcGLVsLtL_25baRwi1qi_PihyAmz2zVY0-TMP-clZBsCLLCierEzyfDzjp8gIZMS2w5UucY00RL9V03SihXhiu0vvNAq8B7H-wLzAN7QYT3HUOz2jRmPzkmz1eowLd4OpnjZfmLGuUQyHw80gBhjZL96PJuWujNuQEfV9uDFAiZo-i2djeBpd-iV9umzysI32bOdRZmFyRQYuA8fJT5uAFpuLV0UOrIYJGDMtiCNCnP4akiVrw-lHUBbwJpl3vUKWa3c5Ni-4Sd5TqUJSCvXPJldH3w9MJTGKzNKO1Bj8I_23b3lz1O_gB-ccxSjzc9Z5rYzy3jheCgbRRWp0ZJ3wbaYCdPLfRWsMQqhoerwUeKIoMK672qt8GN_Iq6dHZnKwmNXc0qbw7r8-HKtRCZ7bEzSirwRAenMb-BGIbbLG0dKGgPpMZeNnUS2qrHXyySXm07eYfJ9AALuC_noqxpqMy79MkIWSr-z6o6nhXdJNNqpwYMeEIwAFP6HTk2JkNj2LhrM_tYk0-5tv0IqrgC5i3C7ViuyPqmwBMGXE8d8DnYKLzEq4Hdud14Sk1QthFQ0t8OsQiaM1WoeaQ-ufjUalIxkMx-1oLgV64qGWc4voZKD37HO86cnIMUdjT-TzfUdBFAP4aqP-ILNP9N3YkLfAQFPXPzq02w9mPMvlf5hIW4SDL8FFjbcw8VXxrON1Lf3o293r-1X94QQPKfvHNWpMpyrP2aE6nS86gdbyguTEGDXf_kxCwL_cyt3XXWp_Igrz_Pa1utoRsINFZkz7I2d52qAA6rCu64KIoq9mO_GOxztURkkfK8Fkqz_Laxm6sppzFYpWHiB-A1PA287XRWXnp5KsSpz1r7BxwV33hZIdzVDfZpSXxR4659tKLTLWwlp8b305OWe2ypgxi7Qo_GRn1E6gE3NA7SWmAmlIkmkAxKiswkb2Um0jIFwdZAdc4CXMSoeKDTC7D5cpbTVSgNd25h5v0tSzKL_oxF29G14uyxRuNdnSWRoxHqdeQXNVjD4PDg&sai=AMfl-YRd8YNVWl3KD3xl5jpPv4nXHQpXj3NjbzsnTMtwsyue6d6rJQv0vkI5BtZnIL_1IeJ6lHVWcGMAwvIDmOvwExIoTmMN2ea2PA5xyI0tgC2hbX5o9fwpAmVZuLvT-3zgur1INGuB5xNI7Ka4shPNZm9Hdz1Rsg&sig=Cg0ArKJSzNTD88Dc22AkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=106&cisv=r20210826.42823&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 31 Aug 2021 07:28:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 594E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 06:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 06:31:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CC56 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 30 Aug 2021 13:41:14 GMT
expires
Tue, 31 Aug 2021 13:41:14 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
64054
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 594E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
344f68bf6d90414e71d5e2650451c06b5ca995973c0b63813ce54dbf7bfe550b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
/
avd.innity.com/dc/ 		43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=d81e67f715f9bf3b8143aeabf1dc02f7&cb=1630394928420&douid=&sess=126186328.225.1630394928419&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2Fgame%2F&srf=&pk=&pt=%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%A1%E0%B8%B7%E0%B8%AD%E0%B8%96%E0%B8%B7%E0%B8%AD%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%9F%E0%B8%A3%E0%B8%B5&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
Last-Modified
Tue, 31 Aug 2021 07:28:48 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1630394928420
  • https://avd.innity.com/sync/?partner=appnexus&token=3733736052381167460&type=cookie&itmcb=1630394928420
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=appnexus&token=3733736052381167460&type=cookie&itmcb=1630394928420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:49 GMT
Last-Modified
Tue, 31 Aug 2021 07:28:49 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c34dd07a-4dea-4586-a662-4b9ffab3fa5b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://avd.innity.com/sync/?partner=appnexus&token=3733736052381167460&type=cookie&itmcb=1630394928420
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=d81e67f715f9bf3b8143aeabf1dc02f7&type=cookie&itmcb=1630394928420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
Last-Modified
Tue, 31 Aug 2021 07:28:48 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CAEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufzwEE-Yvt1lU1R3sAdaJwKj8QmDdJPkqrmWMzyDv3zzzEzjQWv4Og-9WHkOsX4tlY-5VHg2OH5-T7YN_55ABNRIQ7KVT7_iB2c8C6zvOfIBVZC6N60v4SdHKyez02QRd_UnOgAB0f5fjvLDoUq5GbGWgCydfmmIYjxMWGeP6opvvyV4PzK2cT0YEVcvcqCVl1Zj-duUGDX8jBePhVuYEXbh4gZ2ddTl2xVleR22SH2gh9WI2YLohXeTs3S3zm2oY2erpb1HwYqooq6P0nqTnZqAvXu3ZJWgoULoCZRGQbjQFZ27hlFQnbTaV03XtiAIQ&sig=Cg0ArKJSzPqyq1ZNRhyzEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 07:28:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2893 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 27 Aug 2021 09:05:30 GMT
expires
Sat, 27 Aug 2022 09:05:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
339798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B9E4 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Aug 2021 07:28:48 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame B9E4 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 12:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Aug 2021 12:38:14 GMT
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENLdeC9s994iaSkcZZWyEDU&google_cver=1&google_push=AYg5qPJUP8GaP3HBcvbikG1WmUiYfYwon8qEQssZhrXzzvTPd-EhlVNA8nhDf1qT3dTP7eKCDbHCNMCbsNheoKiNFdU7Cpj6hfe2
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AAACC6B71414737AAEAE28FB18AB480&google_push=AYg5qPJUP8GaP3HBcvbikG1WmUiYfYwon8qEQssZhrXzzvTPd-EhlVNA8nhDf1qT3dTP7eKCDbHCNMCbsNheoKi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AAACC6B71414737AAEAE28FB18AB480&google_push=AYg5qPJUP8GaP3HBcvbikG1WmUiYfYwon8qEQssZhrXzzvTPd-EhlVNA8nhDf1qT3dTP7eKCDbHCNMCbsNheoKiNFdU7Cpj6hfe2
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7AAACC6B71414737AAEAE28FB18AB480&google_push=AYg5qPJUP8GaP3HBcvbikG1WmUiYfYwon8qEQssZhrXzzvTPd-EhlVNA8nhDf1qT3dTP7eKCDbHCNMCbsNheoKiNFdU7Cpj6hfe2
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 30 Aug 2021 07:28:48 GMT
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECjAZp35RDOlCA3AvRMMaLM&google_cver=1&google_push=AYg5qPKoBy_BrJ4173lF4-OVQCtHxcFBZE8Jufg5UT2J26dEpQAqZPYLTUpgnyVCOpdPztZM09xUPxo3pw9apKV...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jn_7gI3FTupT9idPz9dWtluEiFY&google_push=AYg5qPKoBy_BrJ4173lF4-OVQCtHxcFBZE8Jufg5UT2J26dEpQAqZPYLTUpgnyVCOpdPztZM09xUPxo3pw9apK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jn_7gI3FTupT9idPz9dWtluEiFY&google_push=AYg5qPKoBy_BrJ4173lF4-OVQCtHxcFBZE8Jufg5UT2J26dEpQAqZPYLTUpgnyVCOpdPztZM09xUPxo3pw9apKVRwIvsxnbr2v8T
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jn_7gI3FTupT9idPz9dWtluEiFY&google_push=AYg5qPKoBy_BrJ4173lF4-OVQCtHxcFBZE8Jufg5UT2J26dEpQAqZPYLTUpgnyVCOpdPztZM09xUPxo3pw9apKVRwIvsxnbr2v8T
Date
Tue, 31 Aug 2021 07:28:51 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMnjmX9XHayCphm1M9nolMw&google_cver=1&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4z...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMnjmX9XHayCphm1M9nolMw&google_cver=1&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4z...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI&google_hm=3fc1363c1d69b38ad49208b6
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI&google_hm=3fc1363c1d69b38ad49208...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI&google_hm=3fc1363c1d69b38ad49208b6&google_tc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIhP_WV5McPVkYKlWG_chBMeOuP95tLfHvtQ_RSayCNXHNNxgJlL7zyUNj9nHvr90B_a0E-tP-8uGBwyRN4zvajwEna2lhI&google_hm=3fc1363c1d69b38ad49208b6&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF36DwxDE_DgPJ5R3IXzBxg&google_cver=1&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDdqGYYl94Eh5aTQD0Kjk0NEyf6xYTyQ5EJBhuhkaorJNZUNUqOXjh1...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d928b2f41614c8353898&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDd...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d928b2f41614c8353898&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d928b2f41614c8353898&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDdqGYYl94Eh5aTQD0Kjk0NEyf6xYTyQ5EJBhuhkaorJNZUNUqOXjh12oQSYdE6FfDLfg&google_tc=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=d928b2f41614c8353898&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPLXDTTnQ9Szt5b_dNoD3Lu6P_BV9bDdqGYYl94Eh5aTQD0Kjk0NEyf6xYTyQ5EJBhuhkaorJNZUNUqOXjh12oQSYdE6FfDLfg&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
487
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELHcwHh9hCNzw7GHJZaIziw&google_cver=1&google_push=AYg5qPLauWZzlCN08dIV22QPLrxjUAO5Z24VOe-6QY0oD7npleRd88bTsLF7yhMTG050f003p-Wn-Ag9rXhUgc8Wa01y8q0MTpbr2A
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPLauWZzlCN08dIV22QPLrxjUAO5Z24VOe-6QY0oD7npleRd88bTsLF7yhMTG050f003p-Wn-Ag9rXhUgc8Wa01y8q0MTpbr2A&google_hm=ZzE2OGMwYjM1MTY2MD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPLauWZzlCN08dIV22QPLrxjUAO5Z24VOe-6QY0oD7npleRd88bTsLF7yhMTG050f003p-Wn-Ag9rXhUgc8Wa01y8q0MTpbr2A&google_hm=ZzE2OGMwYjM1MTY2MDM1MjhiYzA=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:51 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPLauWZzlCN08dIV22QPLrxjUAO5Z24VOe-6QY0oD7npleRd88bTsLF7yhMTG050f003p-Wn-Ag9rXhUgc8Wa01y8q0MTpbr2A&google_hm=ZzE2OGMwYjM1MTY2MDM1MjhiYzA=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDMbfdQwbNTvNatGVbdZcg0&google_cver=1&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDNsktqoqrdUYCCszNNqvttczcOiaKrFWPgZ2ok...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDNsktqoqrdUYCCszNNqvttczcOiaKrFWPgZ2okgPiA&go...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0NjQ0NzQ5MDg0OTc0MDg5MTE%3D&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0NjQ0NzQ5MDg0OTc0MDg5MTE%3D&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDNsktqoqrdUYCCszNNqvttczcOiaKrFWPgZ2okgPiA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc0NjQ0NzQ5MDg0OTc0MDg5MTE%3D&google_push=AYg5qPITWAF_rfy-ZKcmeGVukUZIqr_d-m-92HXT95orVqmfSPaBdjldKqeSDNsktqoqrdUYCCszNNqvttczcOiaKrFWPgZ2okgPiA
date
Tue, 31 Aug 2021 07:28:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEJmUw7PiYCg4ZPk2eXGf-ug&google_cver=1&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpR...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame CC56 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYohO_90xpJrFp2fcBqWaRWWDl8tKdJ9OFh7ynDsE2IS1pR_4fEUHsqRkBX0cfkeCe2LWR
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 2893 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
13287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13290
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 03:47:21 GMT
bubble1.png
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/ Frame B9E4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/bubble1.png?1624268853274
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a2cfaddde9f8f14a15abd953b203198e26acf11b4e5c7daeafd95f58f26c10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 11:18:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
server
sffe
age
72602
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8985
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:18:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 594E 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu_CE6rrimfcpW2SFKAYqDreCgbZgJhAqlHZu_ZSJG-8BjKqo8G724FoQ2nM3c-a_wkABBJboRAmoTHIDxrRheICIDNKCtsuVuMIDREAUw6Q4tD6Sso11kfp49g9_o21Hd986XPURD5b8Eu-8oo1XWbFW8Jlkfkxci4cBvfsv7serHuzoCguPrgvcB41hmZRHPlBklsD7BGlxZMVYFGngFmJJqgYHFJnP3oztjcGLVsLtL_25baRwi1qi_PihyAmz2zVY0-TMP-clZBsCLLCierEzyfDzjp8gIZMS2w5UucY00RL9V03SihXhiu0vvNAq8B7H-wLzAN7QYT3HUOz2jRmPzkmz1eowLd4OpnjZfmLGuUQyHw80gBhjZL96PJuWujNuQEfV9uDFAiZo-i2djeBpd-iV9umzysI32bOdRZmFyRQYuA8fJT5uAFpuLV0UOrIYJGDMtiCNCnP4akiVrw-lHUBbwJpl3vUKWa3c5Ni-4Sd5TqUJSCvXPJldH3w9MJTGKzNKO1Bj8I_23b3lz1O_gB-ccxSjzc9Z5rYzy3jheCgbRRWp0ZJ3wbaYCdPLfRWsMQqhoerwUeKIoMK672qt8GN_Iq6dHZnKwmNXc0qbw7r8-HKtRCZ7bEzSirwRAenMb-BGIbbLG0dKGgPpMZeNnUS2qrHXyySXm07eYfJ9AALuC_noqxpqMy79MkIWSr-z6o6nhXdJNNqpwYMeEIwAFP6HTk2JkNj2LhrM_tYk0-5tv0IqrgC5i3C7ViuyPqmwBMGXE8d8DnYKLzEq4Hdud14Sk1QthFQ0t8OsQiaM1WoeaQ-ufjUalIxkMx-1oLgV64qGWc4voZKD37HO86cnIMUdjT-TzfUdBFAP4aqP-ILNP9N3YkLfAQFPXPzq02w9mPMvlf5hIW4SDL8FFjbcw8VXxrON1Lf3o293r-1X94QQPKfvHNWpMpyrP2aE6nS86gdbyguTEGDXf_kxCwL_cyt3XXWp_Igrz_Pa1utoRsINFZkz7I2d52qAA6rCu64KIoq9mO_GOxztURkkfK8Fkqz_Laxm6sppzFYpWHiB-A1PA287XRWXnp5KsSpz1r7BxwV33hZIdzVDfZpSXxR4659tKLTLWwlp8b305OWe2ypgxi7Qo_GRn1E6gE3NA7SWmAmlIkmkAxKiswkb2Um0jIFwdZAdc4CXMSoeKDTC7D5cpbTVSgNd25h5v0tSzKL_oxF29G14uyxRuNdnSWRoxHqdeQXNVjD4PDg&sai=AMfl-YRd8YNVWl3KD3xl5jpPv4nXHQpXj3NjbzsnTMtwsyue6d6rJQv0vkI5BtZnIL_1IeJ6lHVWcGMAwvIDmOvwExIoTmMN2ea2PA5xyI0tgC2hbX5o9fwpAmVZuLvT-3zgur1INGuB5xNI7Ka4shPNZm9Hdz1Rsg&sig=Cg0ArKJSzNTD88Dc22AkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=259&vt=11&dtpt=146&dett=3&cstd=106&cisv=r20210826.42823&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
CTA.png
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/ Frame B9E4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/CTA.png?1624268853274
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf69220aa625855c7299655fdcd09651baf7f05a90ac2d410680d06a106976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 11:18:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
server
sffe
age
72602
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2403
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:18:46 GMT
degradado.png
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/ Frame B9E4 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/degradado.png?1624268853274
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca841561da391cb18e369140cc5fc54cd73e787c56aa5d552dbb051532b4d929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:04:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
server
sffe
age
80660
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25922
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:04:28 GMT
filtros.png
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/ Frame B9E4 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/filtros.png?1624268853274
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b97e3503da0f3a4d4a5c57a6df7daa8ac507872261de3df2176877ec3ac1c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:04:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
server
sffe
age
80660
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44035
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:04:28 GMT
fondo1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/ Frame B9E4 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/fondo1.jpg?1624268853274
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8228e5e75f9f527503d03bfa910fdcdce41a4e4ebc671d3a73daa04e9cdf42f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:04:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
server
sffe
age
80660
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158572
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:04:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B9E4 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8493549a606b523d607af09db07cb4190dbfe490fdbf0491eb518bece8bfca69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4453
x-xss-protection
0
header.png
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/ Frame B9E4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/header.png?1624268853274
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56da2b31c152c9b90e40b36a7bc624a6ca0280aaf79b61810fd542bf9d8e8c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 11:18:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
server
sffe
age
72601
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9511
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:18:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B9E4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:48 GMT
Producto.png
s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/ Frame B9E4 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/images/Producto.png?1624268853274
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b561f08d85afa446c9aa25af32befe89bab535d5c74d7a30a91dc30a6131e365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:04:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 08:00:34 GMT
server
sffe
age
80660
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45712
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:04:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2893 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnROZMNotYfvcDdmGjuwPq-masAwAAAAAOAHgBAI&bg=!UVKlUhbNAAZOkH6FTpA7ACkAdvg8WncdmskMMUdAddwwfkOqh4YdqPuurgTtN6fiW7T2qe4ZzHPn0QIAAACmUgAAAA1oAQeZAtnA3iPAEZ_rtJpfhY8uwoi4KNthrdAqa89H8qkW3LhzxQAOnzasLWgMvaR1t2ZWZ1FPDym5ksO5xu70bXf50dliyk1dVK5_3DRXONPmOIDcoEeSBaB9g2ODdMWPysxITvXaAe_siSzFn_x_7dE3RLEkhEXuf_DhCFka6sF4fYnIZKVCPNFkx5c3O9NSSf_mCygMTCLS4mz1h-tRYDXZCTLdoIXZoMIlX1X3YL_lvhf2-Ijnxx3lIrv-Ib_4GyFSvqaTT9bugRTiFIeBsd4EVIQV79qO6kXjUxCxId4DEg-nnTMFbmHwh1zEYcODJ4h0wpbmitxWQ4_soyU2YyPwed2MuO95BfjvLa04N8DMBhETOWzIzJR0owjtswXAJTV6hx8Gr5fVK8uvIUfV40kr9INdKXidGMSEZSwMHooeP79pn_2rgYwS9TFsEWYiJYjxoTzDo8UoGNBQ8IWc-J5pcjHybvtJDD2qa2JpMLjzWeHVkjagwcg0JAuCQ1Wors5Q7OqeD2EUM19FgbcOcwMZo849yk7Q44kYZDyg50wiOTzm9z9p7Liy4dBYK1YC-M9ayCea7QMIw_dkyB4sYkoymsE2Krj22svUstq47xPLyT9Ouc_E2IFD_xuqQ6uKs_s303hve7W1rGGguChpMV19zav_SwzvihC8p6K_czsNdU1l8-GF1Xcu8C_WLVT3o5kyZ5eV6JyPkiJvz6ZU_xJ1pukBHps66m_lVTK-nRIKhxuHLJQNSxawpkJmKTL0McmU7CkaEnfZAtuOOz47pABjeUGjEv1hdr7i3KBSBoHklTk_miIgn2Mrw6tX4iqUqvB-mp3wxi19vKGKAGVGEOdhXZrlkySsm3R2_3JUXkzg9kjVbDFKTgTsWSv7D1fa6l-7vsDxin1BRfFmZzmtKpuoHhN2mRYU_Fdj16rlW2sz7lf5fEUxf8lxQM4UpMe2xh9PfLBGaXihDpdlInY
Requested by
Host: b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
URL: https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2CA3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 31 Aug 2021 07:07:02 GMT
expires
Wed, 31 Aug 2022 07:07:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8705 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
50f4317a2ed6c468b023cc53bc0871a6b9120358cd45453db9796a31b36f11f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9WyyXw8+Rhg+xKZY3uJ8BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Tue, 31 Aug 2021 07:28:48 GMT
date
Tue, 31 Aug 2021 07:28:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9WyyXw8+Rhg+xKZY3uJ8BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame A0C1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
13287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13290
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 03:47:21 GMT
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 2CA3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
13287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13290
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 03:47:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E576 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CAEF 		0
0
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:48 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1630394928.dop007.fr8.t,1630394928.cds288.fr8.hc,1630394928.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
async_usersync
ib.adnxs.com/ Frame AEFA 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
757921ce-dd6a-49f7-9798-5e28242ff64f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8550 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 07:28:48 GMT
X-Proxy-Origin
91.132.136.86; 91.132.136.86; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
37e3673e-6732-4543-b03b-979cc441365a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 313E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQJhJjbxTyUyOnFZBarL70T3kiYnhP-6HqnaqYpVFzOVWaYDzncDAX_US-OJbVXukPE9qSbf_8KxcLrWUMXvumpjQ926yyHlwap6JyVE4pH798FH5Q&sig=Cg0ArKJSzGWSE9aAEq2BEAE&id=lidar2&mcvt=1000&p=957,1045,1207,1345&asp=957,1045,1207,1345&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=0.97&app=0&itpl=3&adk=568265319&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630394928020&rpt=210&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 07:28:49 GMT
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25278
Expires
Thu, 30 Sep 2021 07:28:49 GMT
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 594E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstN7rpLfqZjJKDeDfuRSGZMueRKFtGuKYUF-fifeQMHFWJJ5SM0TOfjCrwvTQQBhuZaMajvczC3noPVzjY-ITRIUQuKRizERW1NClKBosJfK8ssmwSRe1QNwQc&sai=AMfl-YT2KiPVPKrZjD_zQYWc9mdjYJzxK5Tv_hcbY9Urqguv-7LeFC_xtj8d4WOlsLHcunayrEE5YZwQ_LLgwonFojVVNIZBc6XhjIiGpYfOSoSdkrX6uQEPa-MX4Ro&sig=Cg0ArKJSzP1GWp2Mtgn4EAE&cid=CAASEuRoBSkJnM1y1VSYhNv6sSdu3w&id=lidar2&mcvt=1000&p=75,315,325,1285&asp=75,315,325,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=762236202&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630394927946&rpt=467&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
query
global.cloud.netacuity.com/webservice/ 		563 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-175-116.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
65fdced0757d8953ce5c7bbd3b7c2cc4475e6a5b7808b0843ca24ee92b545627

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Aug 2021 07:28:50 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length
255
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 013B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Jul 2021 15:29:14 GMT
server
nginx
age
1383
etag
W/"91f36cb612bb5287d05f3c7044927cbe"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=3600
timing-allow-origin
*
alt-svc
clear
content-length
3532
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"a1a545c95f313a230157b47dca555c25"
x-amz-request-id
DM30SWKKVC6S9RTW
x-cache
HIT
content-length
9086
x-amz-id-2
PB2dZdkBAg3MOl6rQOIJs4rDAwkQxHHgoudypaqkid0YQ+oThDmxYru0sr4ENZXjvzCv3wU/M1w=
x-served-by
cache-fra19178-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1630394932.229895,VS0,VE0
date
Tue, 31 Aug 2021 07:28:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
76
syncframe
gum.criteo.com/ Frame A11D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.sanook.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2453
set-cookie
uid=219acbc9-95b2-40de-847b-8ea058800d8b; expires=Sun, 25 Sep 2022 07:28:50 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Tue, 31 Aug 2021 07:28:51 GMT
content-length
4666
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082301&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46cf42cc0f22d22564115453db581ee20e5244c978aca83f11c7ab8d81d0d99d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 07:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8490
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 07:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 31 Aug 2021 07:28:51 GMT
sid
mug.criteo.com/ Frame A11D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1
  • https://mug.criteo.com/sid?cpp=g5zBgXxoWlErbFhyNXptNnMwMnkwdStleEUzdE5oeTJDSkNZSXE5QzhXV1FIQ2w5ckhyTlk2QU9EQnlGQjgrV3BhYnRXbUpGY3JOc0w2SHBJRElnekFYemFkMFhQenRRNlBDUWpSOVlBazFsakpFcThMZFBobm9jYkZVZX...
428 B
620 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=g5zBgXxoWlErbFhyNXptNnMwMnkwdStleEUzdE5oeTJDSkNZSXE5QzhXV1FIQ2w5ckhyTlk2QU9EQnlGQjgrV3BhYnRXbUpGY3JOc0w2SHBJRElnekFYemFkMFhQenRRNlBDUWpSOVlBazFsakpFcThMZFBobm9jYkZVZXVzTWRLekF5Q253Uk5QN2FYVEVKbkRzZHBEY1p4WUx5bmtnM3RwQUJSMFFodkhxcHVmTTNVTGE3ODdyNFgrZ1JkV3JUSloyUWNSUkJLWGdWSktXeVFuR2FPcUM1aWsyRHBOL3U5NGpyMjhjc2lDbER1L1VNKzczcnVQSWhpZ1FrL2YrSXhGdURXWU5hekhPa2ZjdEZRak9CZCtqQjMrZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c42e2b295ff16ed8ef65679e7549a5be0aa3d4ad469c432f8c40cbd96479383c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 07:28:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2206
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 31 Aug 2021 07:28:50 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=g5zBgXxoWlErbFhyNXptNnMwMnkwdStleEUzdE5oeTJDSkNZSXE5QzhXV1FIQ2w5ckhyTlk2QU9EQnlGQjgrV3BhYnRXbUpGY3JOc0w2SHBJRElnekFYemFkMFhQenRRNlBDUWpSOVlBazFsakpFcThMZFBobm9jYkZVZXVzTWRLekF5Q253Uk5QN2FYVEVKbkRzZHBEY1p4WUx5bmtnM3RwQUJSMFFodkhxcHVmTTNVTGE3ODdyNFgrZ1JkV3JUSloyUWNSUkJLWGdWSktXeVFuR2FPcUM1aWsyRHBOL3U5NGpyMjhjc2lDbER1L1VNKzczcnVQSWhpZ1FrL2YrSXhGdURXWU5hekhPa2ZjdEZRak9CZCtqQjMrZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1822
content-length
541
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8ACE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 31 Aug 2021 07:07:02 GMT
expires
Wed, 31 Aug 2022 07:07:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2498 		783 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0309fccd5dbd9c4b4a5e58e7fa50cc54d5da67e4634873969807c90b56477cf8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1G62Ium+RwSNfZ0mULSZNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Tue, 31 Aug 2021 07:28:51 GMT
date
Tue, 31 Aug 2021 07:28:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-1G62Ium+RwSNfZ0mULSZNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 8ACE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
13290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13290
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 03:47:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082301&jk=477062591678860&bg=!8vGl8bXNAAZOkH6FTpA7ACkAdvg8WpxbMBCBvzhd-Dfvyse1HJwa8YHRg8Ux7-lP3RkSECnF3Jf18QIAAAB4UgAAAA5oAQcKAGXsdjmK1lQ1Fm-W-gq8tnGEhFw9oQcDKR7ef-_CEXT07Sq3aEdi0F-KgEOd1uFyYlmyY4tVmwNg1bUKotmH3ugI6SiouefAxmkyjiYXVXm5-IWEFb3QgWsk6E-CXaT64ty_pYIGMJkCdvSHtC7Ds50LMqzdI7nLo8OyYwo9oBBBb2kXo0GV9gYBHjLlWTmxgzlRV3D5o2L7uTfBgW53k2ktpFcvuZs4yO-E6Db73V8jd3M-Pnqb-rWS1_rX_vWI1zPvHKSg7ccIXo9JRa0-sbXj-DkjZg9vapIS7_5nwnZ6jdRBwiz6oM3FjEyo4REGYyQG6yfpgG74XDD8OzFnvoCoNM8rM1EH2caFvztbOgrONF9Bp7pwSYtZyuELUKUPXfpxwVUkDWHPwivBDDo999t2rG4nweGcDp0T3AocJw0tQy_BN8QQ_qBu5d0gF_N6VyisI1dEYR-JKfyu8Oa-bRAFHD3d8e0JKQsav7b6Km9srvsrB95RJp20i2j8Bz5AfbIptiacgvrAZopDwEtS0aymj1VJHgWC9hYBPOxG4yspvFUJIc6lEn5SO25DlX5nvLSxep-tHdEbpCEJYYa28NhkYj5c2W3DraWTSqJPmfwUF-EQE_OIIAhIkgesTaRE-tXntkWwjCnLAk893jBulJXzdBnEJywY_as5efqrjKvxWoiVokDdeFtAZegaipL1BGKTf0M0HsssV74AAkrTIUiUBpAchbBOvgYkZMLqW311eFx1YVf4zzuwa5G52dZOUWCvPEFuLOvN19v-ZMmI7_R69liQhREpRAK4AI3XizWBFx3DNp8WzS7WwgVsAp9Fz9FN_VuWNUCKkyDGYXFcuZF-elpSpiFPBlohYtP-zq_o391fMKRFwQWeCK8vuI-46eRJGasPsFozph0SPJLOYRlIBVGNQITOailaAzrpK7pJEWQY49nUm68dU3rmPHvKo9PeJKed-MEFhgDYFPYXBg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
8f062114d3
bam.nr-data.net/1/ 		57 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=11824&ref=https://www.sanook.com/game/&be=4771&fe=11016&dc=4933&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1630394920412,%22n%22:0,%22f%22:2195,%22dn%22:2196,%22dne%22:3014,%22c%22:3014,%22s%22:3024,%22ce%22:3674,%22rq%22:3674,%22rp%22:3976,%22rpe%22:4188,%22dl%22:3978,%22di%22:4934,%22ds%22:4934,%22de%22:4934,%22dc%22:11016,%22l%22:11016,%22le%22:11021%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=iso-8859-1
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 04:02:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 18 Sep 2013 06:11:51 GMT
server
Lego Server
age
301
etag
"52394427-16dc4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17225297049600340312
accept-ranges
bytes
content-length
33479
expires
Thu, 23 Sep 2021 04:02:48 GMT
sanook-notification.1.0.3.min.js
s.isanook.com/no/1/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 00:33:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 08 Oct 2019 09:05:20 GMT
server
Lego Server
age
0
etag
W/"5d9c5150-842"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6056079920005411961
accept-ranges
bytes
content-length
1054
expires
Fri, 24 Sep 2021 00:33:12 GMT
sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/ 		3 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:07:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
3433
server
Lego Server
age
0
etag
W/"5d9c5105-d69"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
10117528150502814071
accept-ranges
bytes
content-length
825
expires
Tue, 28 Sep 2021 01:07:25 GMT
socket.io.min.1.0.js
s.isanook.com/no/1/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.41 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-41.static.asianet.co.th
Software
Lego Server /
Resource Hash
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 16:34:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
43330
server
Lego Server
age
0
etag
W/"52393b2d-a942"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6029144384719028378
accept-ranges
bytes
content-length
13513
expires
Mon, 27 Sep 2021 16:34:30 GMT
dc_oe=ChMI-7SptN7a8gIVWYODBx2rtAbGEAAYACCk04tJQhMI4oCHtN7a8gIV0657Ch28TQqM;met=1;&timestamp=1630394938636;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 594E 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-7SptN7a8gIVWYODBx2rtAbGEAAYACCk04tJQhMI4oCHtN7a8gIV0657Ch28TQqM;met=1;&timestamp=1630394938636;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 07:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
notification.sanook.com/socket.io/1/ 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.sanook.com:9402/socket.io/1/?t=1630394942479
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/game/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
203.151.133.55 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
55.134.151.203.sta.inet.co.th
Software
/
Resource Hash
f5bb99939067a496cd789f559cacd8ce49f0141e5367eb9cbc359afe852c38bb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Tue, 31 Aug 2021 07:29:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p3.isanook.com
URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtOWI2ZjdlNjZmOWFmNDFlODQ1NGYwNDMzNWUzYjA1MWI=&google_push=AYg5qPKTbEd5r8AfUvt5DlEwhwo-2cQF-OjI3VZRG1K_yo1VU3x_YVRevJukI5525UcRejidzcSvqtEUL4SFpRelOx4Nu5vS4-_bhA&google_tc=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5cQulU2YsBSM94HXNAzeAPUrlVCWGvEz-_jVyalVOmHTcfxM5EZeXd7v1Ey6K_wYAnepXY93tagOD4S3DvGRfn4G8ljnuz3DhEMMSu6V6xEqKbGpO&sig=Cg0ArKJSzAXmcMX_LiyTEAE&id=lidartos&mcvt=0&p=0,0,0,0&asp=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=551847161&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1630394927541&rpt=720&isd=0&lsd=0&r=u&ec=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslN85MriKO3pNtYu6Oxb2mkxI5tbI-h1ZY-K09caTFUFNag50bnuvW7HFMECvhyPMFbgAsS_hXjE-lSOyLtBP6bjSOMgtln11QrXn_bJp5w91H3NgZ&sig=Cg0ArKJSzKHomfY2RRM5EAE&id=lidartos&mcvt=0&p=0,0,0,0&asp=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1630394928314&rpt=131&isd=0&lsd=0&r=u&ec=0

Verdicts & Comments Add Verdict or Comment

469 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| objGTMInitialValue object| smiData boolean| GTMFirstLoad object| dataLayer function| getPage boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq object| NREUM object| newrelic function| __nr_require string| deviceOS object| _izq object| criteo_pubtag object| criteo_pubtag_112 object| Criteo object| Criteo_112 object| google_tag_manager object| PWT object| googletag object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_optimize function| _UA-8147095-6_sendHitTask string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _comscore object| innityDataLayer object| webpackJsonp object| __BUILD_MANIFEST object| regeneratorRuntime object| __NEXT_DATA__ object| __NEXT_P object| next function| __NEXT_PRELOADREADY object| container undefined| _izAlt object| izConfig function| _izooto function| udm_ object| ns_p object| COMSCORE object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq boolean| isLottoContent object| __consolidated_events_handlers__ boolean| snBillboardPlaceholder object| _taboola object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 object| scCGSHMRCache object| vttjs function| WebVTT object| Base64 object| billboardRefreshList object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxIframes object| ampInaboxPendingMessages object| msgData number| time_interval number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult function| calcTime undefined| width undefined| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter object| machine_rules function| isInteger number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy function| myTimer number| myVar function| isVisible number| randomval1 number| network1 number| network2 number| percent1 number| namemc function| bidadjust1 number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| pbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop function| andbeyonddisps function| addListenerMulti boolean| idleStates object| idleTimers object| block_domain_creative string| pathurl12 number| geoindiablock function| callbackand0 function| $ function| jQuery string| DataCollectionObject function| datCol string| Ct string| At string| cd35 string| cd36 object| adloox_pubint object| ignore object| GoogleGcLKhOms object| google_image_requests number| refreshval number| number5 number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 number| newflag number| diff number| flagnewone number| passivergptbillboard3 number| activergptbillboard3 number| time_refreshunitrgptbillboard3 number| nextnumberrgptbillboard3 number| passivergptreca5 number| activergptreca5 number| time_refreshunitrgptreca5 number| nextnumberrgptreca5 object| SanookNotification object| io boolean| WEB_SOCKET_DISABLE_AUTO_INITIALIZATION

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMRUM3
Value: c4612dda33276003030001_612dda334fe9f
.casalemedia.com/ Name: CMPRO
Value: 1219
.casalemedia.com/ Name: CMID
Value: YS3aM6kzpELAiYAdSeSpTwAA
.casalemedia.com/ Name: CMST
Value: YS3aM2Et2jMA
.rubiconproject.com/ Name: khaos
Value: KSZR1LDG-1Z-1B0F
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1kArltbSECmNQ7TXX4J0ie7TI8f3IMDXedihL3iLa749t8aoucH7kfntxYt10kpOMmGweUluV0Nyh+1swAsNNxpmvllXEtYN4=
.casalemedia.com/ Name: CMPS
Value: 5207

29 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/game.sanook/desktop/all/indexpage/reca".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/game.sanook/desktop/all/indexpage/reca".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/game.sanook/desktop/all/indexpage/reca".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/game.sanook/desktop/all/indexpage/reca".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log (Line 18710)
Message:
Country1CH
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61835325/20210624010034874/index.html?e=69&leftOffset=0&topOffset=0&c=jWAGbkyAuO&t=1&renderingType=2(Line 250)
Message:
1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.avct.cloud
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ch
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.u1sf.com
avd.innity.com
avd.innity.net
b4e02b29aa7af6553704a9949471b1cb.safeframe.googlesyndication.com
bam.nr-data.net
bd32c7d69457b9a3804e3ec032720be5.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
game.sanook.com
global.cloud.netacuity.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img-as.fsanook.com
js-agent.newrelic.com
js-sec.indexww.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
notification.sanook.com
p.adlooxtracking.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
s.ad.smaato.net
s.amazon-adsystem.com
s.isanook.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.pubmatic.com
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
cm.g.doubleclick.net
p3.isanook.com
pagead2.googlesyndication.com
101.33.11.45
101.33.11.88
104.111.242.53
104.117.200.100
104.92.102.247
119.81.192.134
13.224.93.120
13.224.93.85
13.248.242.197
13.248.245.213
142.250.184.226
150.109.90.96
151.101.13.27
151.101.14.49
159.253.128.188
162.247.242.18
172.217.16.130
178.250.0.157
178.250.2.131
178.250.2.151
178.62.202.251
18.158.226.176
185.29.132.245
185.33.223.38
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.82
185.86.139.113
198.148.27.140
2.18.232.130
2.18.232.7
2.18.233.180
2.18.234.21
2.21.111.28
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
203.151.128.134
203.151.133.5
203.151.133.55
203.151.133.6
213.155.156.169
216.52.2.39
216.58.212.162
2606:4700:10::6816:1857
2606:4700:3039::6815:c06a
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9a
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
34.107.231.31
34.204.22.100
34.249.175.116
34.251.138.107
34.98.64.218
35.156.165.31
35.244.174.68
37.157.4.39
51.178.20.140
51.222.80.231
51.89.21.21
52.17.151.21
52.209.129.133
52.30.222.33
52.46.133.124
54.93.122.90
61.91.221.41
61.91.93.188
66.155.71.25
69.173.144.140
69.173.144.165
77.245.57.78
85.114.159.93
02729899e910c0a0a5fe129ddf1906312da5be7e415b1b2272d216385759b0a8
0309fccd5dbd9c4b4a5e58e7fa50cc54d5da67e4634873969807c90b56477cf8
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0464387ee82b37e9d2fe2be926c1e42e5a05acf1bf319cbed950509071f16e8f
066c45e1a68e732e622fd2b52e4404cb40e994495e4e7f7f2dbde18fd6f7d9f3
071f98fff473edd419315173162dd731e898925cfa6abc98b871167a24c36e62
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
077b53e487a4b84dd831886b28850a97e43e90d7fcd08e252997a8a74326c42e
0a0b2d30cbad3f67df5133ebd2da1e1b22894626f1ed0a520a9fce8f1201ea38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
10a205fc2cc3517404f43d3bde877484d39d933452cbb8307d84f2a690a48600
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b292735840b3088bad3d16cbd31ff3735b8e59c10628f56daab9c52abce0c3
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16a2cfaddde9f8f14a15abd953b203198e26acf11b4e5c7daeafd95f58f26c10
16ab2b0ef702fcf0ebda607376f9d1bf01c16ed05e922526ae8ef68902259068
17420b908e18f0ad3553f39101d9e7330c9d593732eb5fed1a557f365f1a7dca
180425af28d98940d88774e896fe688dcb33b41df94ac547989b4d41d6925f5c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19b04e0c61404ccd5b79be211d2724e2e2c0a331bcf8fc2ca1a5fd035020a1eb
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1b11dad4e190b9d91e1dce97d4cf40e7417c6c2875c29fa5b611fa9e25d4fde5
1c953111e5f3c41e7146657e60741aba6824e5fed81633fa538273ea08978dfb
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
206e35109f6c8f608a2cb02c05a8845c02b77e47d94e351c159c804c473e35f4
20ed784d70e42f819e8c8cf2ccc365fc61d3b84a69e3053552990c7a73a10186
245bdaa482e105217dbc2119af1ada35e517bccf8ebfcc1f3794aa88f9a2cad3
2469e4381d00e9a81777063691b88155b98cfa3a1fbf2e8477e9bd243b60f6a7
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
2901c0b5e928bee80cf26f45344fb8a07d09a8cda1c1cb3c3b76a21740fc6673
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2c5306a77509c297d3639e90a840f4fa8cb467c628aed90870545690a2cd081d
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2dd917b13eae2629059c6eb1930546cdfb38ed46b0226db55e0503c4a472ae80
307bcec99391e8ae011980d1ebc3a2d1063ff7bf10c348617fad971a3c40c164
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
33b9cc419dd62c857550f8db512c0a5a92cb9ba44ec863fea9aca56cc3228596
344f68bf6d90414e71d5e2650451c06b5ca995973c0b63813ce54dbf7bfe550b
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
37fd66605d10849eadec44c2589c61a334651945df2abaa85dd43d9955a76d32
382e66a75259c4eaba292747c6954260b2cdc883728e1854a3949ab79b49e0d7
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421e3578f08c01061afc739ea1cf15ddf647a890f1975f16122034bf3e4af466
42263e66369cdc509762b46fd294f80004cede097214c284b770341763c07398
4328776afecc1afe66cbb1982b7e0b51e7412dfa2015381278cdcdbfde7475f5
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
46cf42cc0f22d22564115453db581ee20e5244c978aca83f11c7ab8d81d0d99d
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b9e2d9cb3a553b04a4f89fa2b40485c31e04dcc0516589f7c1fb9f87a3435c1
4dc18ad6c14207ddeb9db2e1bd9aab51195a6debb981427304a44a05571e28cd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd1cddb2cfd5aac7b96e4e4ff67c4e8d69be9ead06c2baf985ec6c01f8b20de
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f4317a2ed6c468b023cc53bc0871a6b9120358cd45453db9796a31b36f11f0
517630dc375658566bf734be65822f89d54b3c531bc62b2dac8f4177c38a4417
556b54759c6cef79505607ce76cb1b45c1ea663582f337599d7c602b46e70a0c
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56da2b31c152c9b90e40b36a7bc624a6ca0280aaf79b61810fd542bf9d8e8c80
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5a44bb0da76356746f2a4720dbdcb4c385e865b5a009f76fb252960532ccad17
5c43a84d5a79b665eef85053d697dffb0ebbdacda7c3bf7b0ecdcde13146d6e4
5eb92b401669c1f65054283ba711ae97095d824fb31765559b7e36ba43fc7c28
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62618b3f5ed4533dff39f5a8bbcaace4f9efc311b058c2a49e082ed8235576d8
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
635664c62c16fe2ab1476757c43e3018ca1a14e8f83dbad2ca843c08a0ec8898
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
65fdced0757d8953ce5c7bbd3b7c2cc4475e6a5b7808b0843ca24ee92b545627
6970c548045e9fde9a1b4f04418a8efbdd39bbb53040b099fb804c1441098339
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6eea49df2bf15a48d708dcc8ecc0229c7ace2b757f1baf8b9a6ba5490c288b38
7039a31cabdf37972bc95cdd885b69560a1a9353d063d1372d7c8407e846452d
7094ae9018082af0d5f47028bfc1ff340cde399054f0720a6c4b119fa70afeca
70c43dce4a0660213c91932e6b1b2c2a4370402bdbf51206a877d0b8d92312e2
71aa393c3d32875d2072f63859ee09962d50ab2d7b2afa60a7e6b869badabf22
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
7636c8970de30bee306638c784834092e13180849662eff159c1e338abc828c1
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77c4b68719f5a26bff56c04d0931fbe41b71ac43a4bae8f1c125bfbfb910a98e
7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7b8bc42aece1fd529939627806e54eac636c07bf1ac77a02bcd42559aba9a834
7c97733cfcb2cf9c407d64412fa84f3204bd2f7148b0c9dac79153e00e0d808f
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f11f9581d3ef4bc76798877a4d8023220314c45351ed1a582f3a0626135a0b3
80f862ec4c4b986aee2340a416952f9747cdc6d245e6694e1a015ccdc337ac31
81cf5f8d96808385b5f59e64afefec2c4851f1a15d4a0cc3f2df74a03e4f2bfb
8228e5e75f9f527503d03bfa910fdcdce41a4e4ebc671d3a73daa04e9cdf42f3
82861623b804e5525ade1f1d4ee7cb5ebd9f7973535fed6adfae9176610bbf57
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8493549a606b523d607af09db07cb4190dbfe490fdbf0491eb518bece8bfca69
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
86128b9ba700cc30d262ef818d0b1abbf894cac03dc67b1cd5b191363ba9c265
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
889f512c16e8de291c2e9453fa060f4aa809d658f1a022e58372cbd4ea9bbfd4
8ca84095025b024952aee1f4000a3ffa5dd0321987688526f57d926d90d179ba
8d37f23647537d48ee4f0c05b8acdf093cb828fe3c5703653aedfdd5f88cde2d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
937aa5159a245454c7273d8922ca7689c6f083721c2db0a98a7d033efb534eaa
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97085f45209a496fd7645a55059fdfcb28b8fb6d275335b3b2ace3f7ae4c845b
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1871a52c377b6ff44b2c86e0e0a7620654212ee38f10bbd1364b80a7ed34b7
9b97e3503da0f3a4d4a5c57a6df7daa8ac507872261de3df2176877ec3ac1c5d
9c6e5ce950b94fc4b2672a86abf5596102048148a4643d85b496f2edfe5f2b9b
9e39a43bfe9e12f2ff8a278214d4c72c16f972d6c3080eee9cc01eb6b1fb1901
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f9b3a1b31270c659141afad3d7971d4044c5fb5b7a122cd8d36f38729a60b3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cd46d6d58a9c59805394080824f2af203edf507550c43ca550c03fe2ec160b
a4dd6d1a338ee6666d4479f8a436bca06fb273c809c21e94f1da92cc0ca4ce06
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a696a42b00ab5e2d245a8b742f925469fbb99bd278d6faaec6b8c443862dd19c
a7022d5aa51d9fc1d053f4c4bb63dd1a620440cd385bb5b15831c884d7cfb7cf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa8e239dac0c9b6ba9976deb9ddc7a116cc9394743d47d465debec9b8dfc0f7f
ab01a79e8d87fea2b17b888407840330eb3f7e8c9b1d330f24dc36d0c1c18853
ab7a9e1dd7e6c7d5e3fa41ef5ff9c1fd12e0067c2b2875e6eb79a7bc6433658b
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
add959e269a4562dd13010ed646398d5a6156e11db1886292b5eee313b4fb373
ae7c787ef356b15422276f27e7e790dcc209a764ab7cd5657f4de705990bafb1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19ee291304641b8c6ba634ee2a097937d8e4dfe3cbf5c625fa82c56ac56b81e
b561f08d85afa446c9aa25af32befe89bab535d5c74d7a30a91dc30a6131e365
b5a3d85efdc1b91016a2e458e250f91ec572ccda9361ed1e71f23e616cb2e807
b5f7dbf1bc4360e0d5f4224b4e1cd97cfd81ce434c2a6edf565fd54b81666d09
b666d84f40157beb87568560827c6d0aaa0ebe272125cef5e82567b5d7134e4e
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
c09778e8a6f52094885727d8c19f5ebad50b297fe9bc09431f2b04505b6c47b3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e3f3990f44cffc382e9a8e8131a77163c2dff6c355d96bd482c7697dcfcbb5
c42e2b295ff16ed8ef65679e7549a5be0aa3d4ad469c432f8c40cbd96479383c
c8c555832866fc44c6671f90cf1b7789d180cece706459e225fd64036124ebe1
c90cba902c8334480af919bab3782813e040f24375b9d079f95bdb253ca452b6
ca2394bf101d854bc77970200b67c017f4e05d4949bbf806b4a509e36a4f8c69
ca841561da391cb18e369140cc5fc54cd73e787c56aa5d552dbb051532b4d929
cbe6cb22ca5d0631e91c106e88e42d207ffdf7d4eb64949abe9a602a9e1e11df
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
cdf7f5d9b079628fecc5e3303c19baaf2561510bcff0cc3d195379cf696f3a22
ce11179ccf594346d325caa4819473a0145b816d50e6312478ef59c836033275
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d3f52372b240c7d567c84796b02f25ae93bb190a0d726120dd1f8dc88523b2
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d2eb15f0f1379c3d22d015e90d1fa575462d6b385dc6be0db12dd7aa396f5f41
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
d3df886868cef418a6ae1a933fe3342e5a15b6ec0641372da919c878e66b82bf
d6e5d9c71c6bf3188a3d664bef49445399a0153d890c9d71c3b3e38cf2bd650c
d8405abefbd33ff333e343802dcc12751bd42a8f1b6524846420d09176d348ad
daf1ca14f92f1e1f0d2567626adc75c8c42c1fac7121baa1051ca0173ea8ee1f
daf69220aa625855c7299655fdcd09651baf7f05a90ac2d410680d06a106976c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586
e37935d70a2254d7f33b54cbe97195869f47b20840809b2674c2ff0909da75e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e490cc088dfd48a8187f4ad854c73a8210a283b0953b033d16206519a331705f
e85c484f6c89adb2fa384c6a37acb03f6f9f50bd512cf2701c11922de364aef9
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
e9a7f88990e25e0fd3d4cc931050b9e17f4ac792808d3fcb35babb4a41a9275d
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d
eb162b137d8badb83335f9190480be37b0db679164cd87b6ca89ea38c4edaf06
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5bb99939067a496cd789f559cacd8ce49f0141e5367eb9cbc359afe852c38bb
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f7499ace47711e1d551810c1f8125288e98509a74f22065442f9c901ca8b18d5
f76ba127a1d68a303774ec473e346f2c66b932b3c884f403e784658ed9f4978b
fa4a4a400e2bcb7e23f8e2e606efa1671d31f4de80da0c975a9ebafa0a058ad6
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e
fc5d359705d84854b9d91a3e590b31e8202b5930684d90cf46316c996055c947
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdea2bda12017447e43df9ef7b12060f3bee71b5ffdbb530644c80de25be9498
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e