www.sanook.com Open in urlscan Pro
203.151.130.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.sanook.com/home/25321/
Effective URL:
https://www.sanook.com/women/220941/
Submission: On June 28 via manual (June 28th 2023, 5:03:36 am UTC) from TH — Scanned from GE

Summary HTTP 673 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 100 IPs in 16 countries across 102 domains to perform 673 HTTP transactions. The main IP is 203.151.130.56, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 57693.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.

This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	203.151.130.56 203.151.130.56	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
4	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	203.154.58.214 203.154.58.214	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
6	61.91.94.165 61.91.94.165	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
129	43.152.44.81 43.152.44.81	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
5	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 10	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
5	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
2 9	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
6	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
4	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
9	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
31	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	203.151.128.177 203.151.128.177	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
5	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
2	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
1 5	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
6	184.28.181.176 184.28.181.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.216.65 104.18.216.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 22	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
21	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4	119.81.216.16 119.81.216.16	36351 (SOFTLAYER) (SOFTLAYER)
8	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
6	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
12	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.36.28 108.138.36.28	16509 (AMAZON-02) (AMAZON-02)
1	108.138.39.216 108.138.39.216	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
2	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
24	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1	61.91.93.45 61.91.93.45	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
1	207.120.36.69 207.120.36.69	3356 (LEVEL3) (LEVEL3)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
5 9	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 11	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.30.150.15 52.30.150.15	16509 (AMAZON-02) (AMAZON-02)
12 13	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 5	34.247.153.61 34.247.153.61	16509 (AMAZON-02) (AMAZON-02)
5 5	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	43.152.26.154 43.152.26.154	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
35	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
29	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 6	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	67.220.228.203 67.220.228.203	16509 (AMAZON-02) (AMAZON-02)
1 2	91.228.74.159 91.228.74.159	16509 (AMAZON-02) (AMAZON-02)
7 8	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.156.56.88 54.156.56.88	14618 (AMAZON-AES) (AMAZON-AES)
18 51	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
5 7	52.211.103.124 52.211.103.124	16509 (AMAZON-02) (AMAZON-02)
11	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8 11	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
5	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8 8	3.120.73.159 3.120.73.159	16509 (AMAZON-02) (AMAZON-02)
1 1	141.95.32.72 141.95.32.72	16276 (OVH) (OVH)
2 2	63.215.202.137 63.215.202.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
5	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
5 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 6	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1 1	124.146.215.43 124.146.215.43	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 2	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
5 8	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.208.249.213 35.208.249.213	() ()
1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
6 6	18.158.79.166 18.158.79.166	16509 (AMAZON-02) (AMAZON-02)
1 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
8 8	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
7	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	92.62.130.178 92.62.130.178	15440 (BALTNETA ...) (BALTNETA Customers AS)
2	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
27	104.21.234.8 104.21.234.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	63.251.14.3 63.251.14.3	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 4	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	() ()
2 2	52.213.96.27 52.213.96.27	16509 (AMAZON-02) (AMAZON-02)
1 1	23.212.88.20 23.212.88.20	() ()
2 2	64.74.236.255 64.74.236.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	108.138.36.111 108.138.36.111	() ()
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	169.150.247.37 169.150.247.37	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
3 6	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3	72.251.241.204 72.251.241.204	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 3	35.214.209.176 35.214.209.176	15169 (GOOGLE) (GOOGLE)
3 3	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
3 3	141.94.240.143 141.94.240.143	16276 (OVH) (OVH)
6 6	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
12 12	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
3	23.88.86.2 23.88.86.2	24940 (HETZNER-AS) (HETZNER-AS)
1 5	104.22.25.87 104.22.25.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
5 6	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
3 3	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.18.160.221 2.18.160.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
673	100

11 203.151.130.56 (Mueang Samut Prakan, Thailand) 1 redirects

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 56.130.151.203.sta.inet.co.th

www.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graph.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiu.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 61.91.94.165 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-165.static.asianet.co.th

sal.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

129 43.152.44.81 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p3.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.132 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.128.177 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 177.128.151.203.sta.inet.co.th

sloth-api.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.28.181.176 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-181-176.deploy.static.akamaitechnologies.com

avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.216.65 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.81.216.16 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-28.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.39.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-39-216.muc50.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5594b4fd3b464788e361638398c3f62b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.91.93.45 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-45.static.asianet.co.th

dc.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.120.36.69 (United States)

ASN3356 (LEVEL3, US)

cdn.streamroot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.78 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 141.95.98.65 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.150.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-150-15.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 15.197.193.217 (Seattle, United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.247.153.61 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-153-61.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.71.149.231 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.26.154 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

img-as.fsanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.1.9 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.228.203 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.159 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.149 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.56.88 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-56-88.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 142.250.74.194 (Staten Island, United States) 18 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.211.103.124 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-103-124.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.158.49 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.243 (Denmark) 8 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.120.73.159 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-73-159.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.32.72 (Frankfurt am Main, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.215.202.137 (Amsterdam, Netherlands) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.89.75 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.43 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (None, ) 1 redirects

ASN- ()

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.158.79.166 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-79-166.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 98.98.134.243 (United States) 8 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.62.130.178 (Kaunas, Lithuania)

ASN15440 (BALTNETA Customers AS, LT)

dspmedia.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.21.234.8 (None, )

ASN13335 (CLOUDFLARENET, US)

dsp.adviad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adviad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.3 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: 3.14.251.63.unassigned.ord.singlehop.net

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.127.253.7 (Tappahannock, United States) 4 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (None, ) 2 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.96.27 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-96-27.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (None, ) 1 redirects

ASN- ()

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.255 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.111 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 169.150.247.37 (United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-37.datapacket.com

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.220.229.2 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.209.176 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 176.209.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.163.6 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.240.143 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.94.170.77 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.228.174.117 (United Kingdom) 12 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.22.25.87 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.94.171.216 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.122.57.34 (Amsterdam, Netherlands) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.253.54 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-221.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
135	isanook.com sal.isanook.com — Cisco Umbrella Rank: 116373 s.isanook.com — Cisco Umbrella Rank: 40350 p3.isanook.com — Cisco Umbrella Rank: 135405	3 MB
84	doubleclick.net 20 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	652 KB
77	pubmatic.com 5 redirects ads.pubmatic.com — Cisco Umbrella Rank: 553 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575 image6.pubmatic.com — Cisco Umbrella Rank: 812 simage2.pubmatic.com — Cisco Umbrella Rank: 797 image2.pubmatic.com — Cisco Umbrella Rank: 1036 image4.pubmatic.com — Cisco Umbrella Rank: 1305 t.pubmatic.com — Cisco Umbrella Rank: 3086 simage4.pubmatic.com — Cisco Umbrella Rank: 1338	542 KB
68	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 918 pm-widget.taboola.com — Cisco Umbrella Rank: 3208 trc.taboola.com — Cisco Umbrella Rank: 634 trc-events.taboola.com — Cisco Umbrella Rank: 1860 vidstat.taboola.com — Cisco Umbrella Rank: 2607 il-trc-events.taboola.com — Cisco Umbrella Rank: 19529 imprammp.taboola.com — Cisco Umbrella Rank: 12287 am-match.taboola.com — Cisco Umbrella Rank: 12293 wf.taboola.com — Cisco Umbrella Rank: 2720 am-vid-events.taboola.com — Cisco Umbrella Rank: 11586 sync.taboola.com — Cisco Umbrella Rank: 1091 sync-t1.taboola.com — Cisco Umbrella Rank: 1321 match.taboola.com — Cisco Umbrella Rank: 5594 vidstatb.taboola.com — Cisco Umbrella Rank: 5163 pips.taboola.com — Cisco Umbrella Rank: 1578 cds.taboola.com — Cisco Umbrella Rank: 1879 am-wf.taboola.com	654 KB
59	googlesyndication.com 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 5594b4fd3b464788e361638398c3f62b.safeframe.googlesyndication.com	303 KB
27	adviad.com dsp.adviad.com — Cisco Umbrella Rank: 212133 cdn.adviad.com — Cisco Umbrella Rank: 250341	2 MB
27	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 235 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670 adservice.google.com — Cisco Umbrella Rank: 113	62 KB
19	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 405 bidder.criteo.com — Cisco Umbrella Rank: 719 dis.criteo.com — Cisco Umbrella Rank: 608	11 KB
16	openx.net 7 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 us-u.openx.net — Cisco Umbrella Rank: 496 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388 u.openx.net — Cisco Umbrella Rank: 769 rtb.openx.net eu-u.openx.net — Cisco Umbrella Rank: 2766	4 KB
15	rubiconproject.com 10 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374 eus.rubiconproject.com — Cisco Umbrella Rank: 616 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199 token.rubiconproject.com — Cisco Umbrella Rank: 652	19 KB
13	adsrvr.org 12 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	7 KB
13	id5-sync.com 6 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	62 KB
13	sanook.com 1 redirects www.sanook.com — Cisco Umbrella Rank: 57693 graph.sanook.com — Cisco Umbrella Rank: 142746 sloth-api.sanook.com — Cisco Umbrella Rank: 175803 dc.sanook.com — Cisco Umbrella Rank: 125867 apiu.sanook.com — Cisco Umbrella Rank: 162778	64 KB
12	onaudience.com 11 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 13969 pixel.onaudience.com — Cisco Umbrella Rank: 3417	6 KB
11	adform.net 8 redirects c1.adform.net — Cisco Umbrella Rank: 633	7 KB
10	yahoo.com 9 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	5 KB
9	1rx.io 9 redirects sync.1rx.io — Cisco Umbrella Rank: 613	5 KB
9	amazon-adsystem.com 3 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025 c.amazon-adsystem.com — Cisco Umbrella Rank: 353 s.amazon-adsystem.com — Cisco Umbrella Rank: 333	66 KB
9	crwdcntrl.net 5 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959 sync.crwdcntrl.net — Cisco Umbrella Rank: 955 id.crwdcntrl.net — Cisco Umbrella Rank: 3180	15 KB
9	teads.tv 3 redirects a.teads.tv — Cisco Umbrella Rank: 1500 sync.teads.tv — Cisco Umbrella Rank: 1425	3 KB
9	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 500 fonts.googleapis.com — Cisco Umbrella Rank: 88 ajax.googleapis.com — Cisco Umbrella Rank: 433	856 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	445 KB
8	sitescout.com 8 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	4 KB
8	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	3 KB
8	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469	9 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635 ssum-sec.casalemedia.com	5 KB
6	semasio.net 3 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1361	4 KB
6	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	2 KB
6	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
6	mfadsrvr.com 6 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1197	4 KB
6	innity.net avd.innity.net — Cisco Umbrella Rank: 39788	27 KB
6	google.ge www.google.ge — Cisco Umbrella Rank: 20197	817 B
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	352 KB
5	zeotap.com 1 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 3219 spl.zeotap.com — Cisco Umbrella Rank: 3374	2 KB
5	eskimi.com dspmedia.eskimi.com — Cisco Umbrella Rank: 207427 dsp-media.eskimi.com — Cisco Umbrella Rank: 29702	594 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	176 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	6 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	18 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	96 KB
4	inmobi.com 4 redirects sync.inmobi.com — Cisco Umbrella Rank: 1419	3 KB
4	turn.com 4 redirects ad.turn.com — Cisco Umbrella Rank: 1067	2 KB
4	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 981	2 KB
4	innity.com avd.innity.com — Cisco Umbrella Rank: 27681	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	42 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	313 KB
3	playground.xyz 3 redirects ads.playground.xyz — Cisco Umbrella Rank: 4898	895 B
3	bidtheatre.com 3 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2864	2 KB
3	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 8281
3	unrulymedia.com 3 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372	2 KB
3	erne.co 3 redirects green.erne.co — Cisco Umbrella Rank: 18525	1 KB
3	mrtnsvr.com 3 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3199	396 B
3	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 1061	613 B
3	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 6589	775 B
3	gammaplatform.com 3 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3655	2 KB
3	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1657	661 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 573	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2409	811 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098	802 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 422	740 B
2	lijit.com ce.lijit.com Failed ap.lijit.com — Cisco Umbrella Rank: 782	1 KB
2	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 922 rtb-csync.smartadserver.com Failed	407 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4489	744 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 813	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 862	698 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	315 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 660	134 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 169	4 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1191	97 KB
2	truehits.in.th lvs2.truehits.in.th — Cisco Umbrella Rank: 97970	9 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 414	515 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 597	429 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 7105	279 B
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 23699	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	30 KB
1	smaato.net 1 redirects s.ad.smaato.net	674 B
1	media.net 1 redirects cs.media.net	1 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8041	551 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2930	466 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 651	863 B
1	mediago.io 1 redirects trace.mediago.io	188 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1109	862 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3690	352 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	524 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	739 B
1	fsanook.com img-as.fsanook.com — Cisco Umbrella Rank: 191838	139 KB
1	streamroot.io cdn.streamroot.io — Cisco Umbrella Rank: 117019	71 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	878 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 13809	1 KB
0	apiip.net Failed rtbdemand.apiip.net Failed
0	appier.net Failed a.c.appier.net Failed
0	fksnk.com Failed fksnk.com Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	rlcdn.com Failed api.rlcdn.com Failed
0	adscale.de Failed ih.adscale.de Failed
0	audrte.com Failed a.audrte.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	de17a.com Failed d5p.de17a.com Failed
0	rfihub.com Failed p.rfihub.com Failed
673	102

	Domain	Requested by
119	s.isanook.com	www.sanook.com s.isanook.com securepubads.g.doubleclick.net
51	cm.g.doubleclick.net	18 redirects googleads.g.doubleclick.net www.sanook.com 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com eus.rubiconproject.com google-bidout-d.openx.net
35	pagead2.googlesyndication.com	7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com www.sanook.com
29	simage2.pubmatic.com	ads.pubmatic.com www.sanook.com
24	cdn.adviad.com	dsp.adviad.com www.sanook.com cdn.adviad.com
21	securepubads.g.doubleclick.net	www.googletagservices.com www.sanook.com securepubads.g.doubleclick.net 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
15	cdn.taboola.com	s.isanook.com cdn.taboola.com www.sanook.com
13	match.adsrvr.org	12 redirects www.sanook.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.sanook.com
12	sync.taboola.com	2 redirects am-match.taboola.com imprammp.taboola.com www.sanook.com eus.rubiconproject.com
12	il-trc-events.taboola.com	www.sanook.com
11	c1.adform.net	8 redirects ads.pubmatic.com
11	image2.pubmatic.com	www.sanook.com ads.pubmatic.com
11	id5-sync.com	6 redirects www.sanook.com
10	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com pagead2.googlesyndication.com
10	p3.isanook.com	www.sanook.com s.isanook.com p3.isanook.com
9	sync.1rx.io	9 redirects
9	image6.pubmatic.com	5 redirects ads.pubmatic.com
9	www.googletagservices.com	s.isanook.com securepubads.g.doubleclick.net 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
9	ads.pubmatic.com	s.isanook.com www.sanook.com ads.pubmatic.com
9	www.google.com	2 redirects www.sanook.com securepubads.g.doubleclick.net 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com tpc.googlesyndication.com
8	pixel-sync.sitescout.com	8 redirects
8	pixel.rubiconproject.com	5 redirects eus.rubiconproject.com
8	us-u.openx.net	3 redirects googleads.g.doubleclick.net google-bidout-d.openx.net
8	x.bidswitch.net	8 redirects
8	bidder.criteo.com	www.sanook.com static.criteo.net
7	t.pubmatic.com	www.sanook.com
7	hbopenbid.pubmatic.com	www.sanook.com
6	pixel.onaudience.com	5 redirects www.sanook.com
6	uipglob.semasio.net	3 redirects www.sanook.com
6	pixel-eu.onaudience.com	6 redirects
6	sync-tm.everesttech.net	3 redirects ads.pubmatic.com
6	rtb.mfadsrvr.com	6 redirects
6	sync.teads.tv	3 redirects googleads.g.doubleclick.net www.sanook.com
6	sync.crwdcntrl.net	5 redirects www.sanook.com
6	dis.criteo.com	4 redirects www.sanook.com 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
6	imasdk.googleapis.com	s.isanook.com securepubads.g.doubleclick.net 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com imasdk.googleapis.com
6	trc.taboola.com	www.sanook.com am-match.taboola.com imprammp.taboola.com
6	avd.innity.net	p3.isanook.com avd.innity.net www.sanook.com
6	www.google.ge	www.sanook.com
6	connect.facebook.net	www.sanook.com connect.facebook.net s.isanook.com
6	sal.isanook.com	www.sanook.com
5	sync-t1.taboola.com	www.sanook.com am-match.taboola.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	s0.2mdn.net	imasdk.googleapis.com cdn.adviad.com
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	ups.analytics.yahoo.com	5 redirects
5	pr-bh.ybp.yahoo.com	4 redirects www.sanook.com
5	7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects p3.isanook.com www.sanook.com
5	gum.criteo.com	static.criteo.net gum.criteo.com cdn.taboola.com www.sanook.com
5	www.facebook.com	www.sanook.com connect.facebook.net
5	static.criteo.net	www.sanook.com securepubads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	mwzeom.zeotap.com	www.sanook.com ads.pubmatic.com
4	dsp-media.eskimi.com	www.sanook.com
4	simage4.pubmatic.com	ads.pubmatic.com
4	sync.inmobi.com	4 redirects
4	csi.gstatic.com	imasdk.googleapis.com
4	apiu.sanook.com	www.sanook.com
4	ad.turn.com	4 redirects
4	um.simpli.fi	3 redirects www.sanook.com
4	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com eus.rubiconproject.com
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	avd.innity.com	avd.innity.net www.sanook.com
4	graph.sanook.com	s.isanook.com
4	www.google-analytics.com	www.googletagmanager.com www.sanook.com
4	www.googletagmanager.com	www.sanook.com www.googleoptimize.com
3	secure.adnxs.com	3 redirects
3	ads.playground.xyz	3 redirects
3	match.adsby.bidtheatre.com	3 redirects
3	matching.truffle.bid	ads.pubmatic.com
3	sync.targeting.unrulymedia.com	3 redirects
3	green.erne.co	3 redirects
3	ad.mrtnsvr.com	3 redirects
3	csync.loopme.me	3 redirects
3	ipac.ctnsnet.com	ads.pubmatic.com
3	cm-supply-web.gammaplatform.com	3 redirects
3	cm.adgrx.com	ads.pubmatic.com
3	c.amazon-adsystem.com	www.sanook.com
3	dsp.adviad.com	7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
3	a.teads.tv	www.sanook.com
3	analytics.google.com	www.googletagmanager.com
3	www.sanook.com	1 redirects s.isanook.com
2	s.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	b1sync.zemanta.com	2 redirects
2	match.360yield.com	2 redirects
2	rtb.openx.net	2 redirects
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
2	lb.eu-1-id5-sync.com	www.sanook.com
2	fonts.gstatic.com	fonts.googleapis.com
2	eb2.3lift.com	1 redirects www.sanook.com
2	u.openx.net	1 redirects www.sanook.com
2	ssbsync.smartadserver.com	1 redirects www.sanook.com
2	pubmatic-match.dotomi.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	cms.quantserve.com	1 redirects ads.pubmatic.com
2	oajs.openx.net	1 redirects www.sanook.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	wf.taboola.com	www.sanook.com
2	am-match.taboola.com	vidstat.taboola.com
2	fonts.googleapis.com	cdn.taboola.com 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
2	cdn.id5-sync.com	securepubads.g.doubleclick.net www.sanook.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	static.xx.fbcdn.net	www.facebook.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.sanook.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.googleoptimize.com	www.googletagmanager.com
2	lvs2.truehits.in.th	www.sanook.com
1	am-wf.taboola.com	www.sanook.com
1	eu-u.openx.net	google-bidout-d.openx.net
1	px.ads.linkedin.com	eus.rubiconproject.com
1	stags.bluekai.com	www.sanook.com
1	spl.zeotap.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	p.adlooxtracking.com	www.sanook.com
1	code.jquery.com	www.sanook.com
1	s.ad.smaato.net	1 redirects
1	cs.media.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	cds.taboola.com	www.sanook.com
1	pips.taboola.com	www.sanook.com
1	vidstatb.taboola.com	www.sanook.com
1	dspmedia.eskimi.com	imasdk.googleapis.com
1	id.crwdcntrl.net	www.sanook.com
1	t.adx.opera.com	www.sanook.com
1	match.taboola.com	www.sanook.com
1	bh.contextweb.com	www.sanook.com
1	trace.mediago.io	1 redirects
1	tg.socdm.com	1 redirects
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	5594b4fd3b464788e361638398c3f62b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ws.rqtrk.eu	1 redirects
1	image4.pubmatic.com	www.sanook.com
1	dsp.adfarm1.adition.com	1 redirects
1	sync.mathtag.com	1 redirects
1	img-as.fsanook.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	www.sanook.com
1	am-vid-events.taboola.com	www.sanook.com
1	imprammp.taboola.com	vidstat.taboola.com
1	cdn.streamroot.io	s.isanook.com
1	dc.sanook.com	www.sanook.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	trc-events.taboola.com	www.sanook.com
1	cdn.izooto.com	s.isanook.com
1	sloth-api.sanook.com	www.sanook.com
0	rtbdemand.apiip.net Failed	www.sanook.com
0	a.c.appier.net Failed	7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
0	fksnk.com Failed	7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
0	a.tribalfusion.com Failed	7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com ads.pubmatic.com
0	api.rlcdn.com Failed	www.sanook.com
0	rtb-csync.smartadserver.com Failed	www.sanook.com
0	ce.lijit.com Failed	www.sanook.com
0	ih.adscale.de Failed	www.sanook.com
0	a.audrte.com Failed	www.sanook.com
0	cr.frontend.weborama.fr Failed	www.sanook.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	p.rfihub.com Failed	imprammp.taboola.com ads.pubmatic.com
673	169

This site contains links to these domains. Also see Links.

Domain
truehits.net
news.sanook.com
www.joox.com
wetv.vip
www.wecomics.in.th
www.facebook.com
sso.member.sanook.com
muan.sanook.com
www.sanook77.co
comics.sanook.com
tv.sanook.com
learning.sanook.com
guru.sanook.com
www.tencent.co.th
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
line.me
webboard.sanook.com
home.sanook.com
www.lazada.co.th
www.onestockhome.com
shopee.co.th
season.sanook.com

Subject Issuer	Validity	Valid
*.sanook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-16` - `2024-07-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-27`	a year	crt.sh
*.isanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-04` - `2023-10-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-07` - `2023-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-02-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-12-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.streamroot.io AlphaSSL CA - SHA256 - G4	`2023-02-16` - `2024-03-12`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.fsanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-06` - `2024-01-06`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
adviad.com GTS CA 2P2	`2023-05-16` - `2023-08-14`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-05-22` - `2023-08-20`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
truffle.bid R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh

This page contains 96 frames:

Primary Page: https://www.sanook.com/women/220941/
Frame ID: AC2BE317148C0960F2AE1DF5901DA1E6
Requests: 242 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CAA0D206D88C30BA6E9B58763F038EEB
Requests: 1 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: C49E3B438CF850373F787A56263E497A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 62E13F2FDCCDFC770994BF7D8677C7C8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 5353F45EDF78D2CC993B385D9232E42E
Requests: 1 HTTP requests in this frame

Frame: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Frame ID: 6010DA6025C826C05FAC75E64AEDC998
Requests: 79 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fd02278eaba9%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff7ab130de26838%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookwomen%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Frame ID: 2EBE36D0891DB574A466DDFC9486AD0E
Requests: 3 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: FFD2AE598FDDF46292293F2B9CE1BE28
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 56F3C0ED860195CAAD4688DA15E1107F
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 3FF270E9DAE9F5473D1AF9576EC187B3
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 0D28FB5A045427A4C1ADA7C7228AFAD6
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 3DB03D9AE574F1587B9C73A20AC440A0
Requests: 9 HTTP requests in this frame

Frame: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74086DAD9A34F14879D09B70CD541350
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 46B7A2EEC5C6E79247E496A0D1D59C5B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6wyij_ILcQuncvLOHPC58qIAVaPH176jIkMZ1UoTa6nc3EJeCNC7x1ePr_wKom4dV_LBkbXHKHLceEBJZpaJusw-a430cxvPXyI4sID4RSlkw0f01OOHzOyn2jUdL6GKGesYBT6YW9nOLkRy8jtC7xABK3luKBVmjAyqY_8qPMz9JC7SQxsw1Ou264lpC-x-lD4PcgOvJPQsRpALGccCnTK9CBtDpGviZTFSz0G9_8YHnK8yQCBLrg5lFda-DJrm2g4y8O7Ofyzjw0w4Enuhpu0VcB6YmhUtOctmGTg5TocHDAAxcBuXtSZtWmGdcAIRe9HxcCXycMhDDUcT91B1RlYRX0vInOS1zBEmIpDj884bo&sai=AMfl-YSmc5G9l9PRnHFVQ5K89P96BRAd_ozhOH7mcF6DcV9XzlnrvinXlKmXndCIHvsO2KtTr0nsbX1yRgskd_AWZIajh8AiaIz9flFEMoJoV4BI6vESj_GyPtFEzZKHoIMjDNz_nbEU2f6RdKvJHjHR6wk&sig=Cg0ArKJSzAWhB9loI8giEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F8C5DB2D00265FDE9719F613ACA1E1C2
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnN-rNkr7e82PMGuPVRypEIrTV0r6cIwaLLpL4Pw4rAUwKr3vIPR17W4Aompp90ab59gu2-AUrkKZafX0mEJp3_31o5jtBBouudCmw8yneCG2ZcniO-l8nkhUmujbM7h83ZI4ldqn5iWILAC6xNHneo89F36CP2cNhIsWRz6AC5XD3aCXR8sKO4hppCrQKAWR4NDGm9IjUALce9QLWhfo1ueLgHrKQNyASKepam8XQpN0xwG2iOX7XAWlyCxAo0UYfnlVifusJhSKO2Zf357pb7Cz5tjiD2ZsRG5RL3gWLlGIEg_qDlMtYyzN2wSqhZtPjULccwQyp8MTGvHAnsZIhcrnR1GTEv_wJCDtBQ7_F9iZu0WQdkRdHzdM&sai=AMfl-YTS_NuFSHi5CdX5EWKJROBUEYgRbkYCfNipVh732CED51P-LZ7Bnnl3nbPyUrWV0BhYOEbKk-LvN3qFfJ6jqVO63hS4-oySV2FwZ42hVA-GJU9C8ASUvzmYvpwaEnegApnosqP9YZsG5SM0X6Jl4Q&sig=Cg0ArKJSzCKRDkTVtK6UEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7130A77D7BB91A0257FBD113B9D175EC
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1687928604229&uv=3291&tms=1687928604229&abt=esv_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d29bacfa-59f5-498a-859c-18abb6b37254&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F5F29845A0E5F801C4E2EE50C544F6F0
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FBEF8E8086D509879A2256C5089923A1
Requests: 4 HTTP requests in this frame

Frame: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 96A0196E09F2F639C13FFA585E6771AA
Requests: 15 HTTP requests in this frame

Frame: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6932EA327FFF10548AE13FE988023733
Requests: 21 HTTP requests in this frame

Frame: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06420CB59785CDDADEDA504D4B43C61E
Requests: 15 HTTP requests in this frame

Frame: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A4B5A01DC403769CBD4F2F78A8BFCD2
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOOrzqjU2Gdl9B6cs_7Qc1HyRVGyEcRnQnwFBe897uvV5nvjH7wmLeox5YRjQEXzNaVFjgyjXwJGUujB0LGwmxU-7XFG9fehxj0YOm7-lFM4g8_eja1UMYpd2FywOeBztLfZN7z5K8-ryMcsyMCl4qqOPRWlrxwTHKqJqRhmCk1qktjBLetTPYRb824dUtscs4eDwggeDruG_TaDG6KHdUjubFvgJ1dCG1jg9KMiN4m3X0C0Hmy0mGniUfPJ84UIsLnup2ZU7TE156DAb2OtaQpOplM03GY2gBeR-jDbw_vOuupZ-oMwJgVNYpbAWqyzGtVoJhg8hTqUviVvMilMIMR2mwAn9k9pOszERBXw&sai=AMfl-YSMTkKbcYYcfVA2pOwdNzleUBTqiN0yLQUns2bVvtBmuQzJAPlcd0Dq5eni5gBUsVxl6cHENgAYBiwszLwamz4p-ZUqW9XiVCYmG88fTFjIQUYJ-gAfaQXNUcTeB9Bl0tQb7YKb_9R9p_bf3wZEm4M&sig=Cg0ArKJSzCfbU7Ihq6GQEAE&uach_m=[UACH]&adurl=
Frame ID: 35E66FBE51D0A224F2A610F737CFF863
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVNs_yQh6ymLjfQ6GcuRUvWtH-Re9CXcbN3A6iwCbwLmt3npA0qMAeQRWy5RgBE-tmJEXZN0-IDvmyD5o7DFAzNzDZjQA
Frame ID: C3415C6D61A732536DBCB812F715A2E3
Requests: 5 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:75ea649b-bf1d-4100-8616-1c08765efb1e&gdpr=0&gdpr_consent=
Frame ID: AE09379BABC5CF313A85478D75A3E3A1
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: BDCBDD41812B982FAF95ABAF1693E6A2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: E90B8C10142272F61B543C3B14638C9D
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: C17B9DE344D3CB3A17FD728CFBDEE4A2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 0F1BC9A8E940943E9EA58A26053C52E4
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: BB773BAA454EA4E484D291DC55707DEC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164765543742477328&gdpr=0&gdpr_consent=
Frame ID: 2D6E6012652492D1755522C9A8A56626
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249598160764663957&gdpr=0&gdpr_consent=
Frame ID: 642F9926B0F92CC45D2CC10F809B3C6B
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 3AFE76E1CB289D84AB37B72AFBC5D320
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lty_i4_-UTl6oP4k4aSluFvvzrU&gdpr=0&gdpr_consent=
Frame ID: 11A632A6C86BC3CB13DDDE2F10B66D9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVlXj0MRJiF1ejQHTeVYjp2AUTUf0aata1OVSegLEfrr-Se96SfJ1o2L43IrnduO3DV80_5BOUoSYqEsYb4HM0HHYS4nQ
Frame ID: 221E928CE83B7BAFC8C4F208012689DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY7af47gEwAQ&v=APEucNXy5X2ozdkDyztgnCuhqGDmR6DumnCDMtL63BmQXAIISMwonVKWlnE-828_kEWnvTKrILl9BlRVmJTbtma5yDQ_mGJXEg
Frame ID: 80D7573A57731B490AA3BB9A8AF8549A
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: B487D74E6E6B2DC83CD1E773598144BE
Requests: 1 HTTP requests in this frame

Frame: https://5594b4fd3b464788e361638398c3f62b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 861E5C96BC880204655F474ED32B59FF
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9E4486BA57B97D8C636734FCDBC5EBAD
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9W2NjUPUK4bEo9bVZ9qJ95AwC7_Fl9CPwUwOdQzpQCwgGMKHoPlDD5FSNeaE7TU4AsJR9aiTSR16X5VqN9UoCr5bSoJGrQARwDZQV-5ugWSyC3D1TeVJC_hRGOLOGXc3P01G_sZXhZGvjEq24XW8aeOKD3_IfCmw-0HBdJyLKS34ERMWGeLZBJJyi68bJBFGRhY-W7xrHwugEz_EZYrtcO-RFT53eyokcDy5dMty7_nsuIEO6Af3CyXmeHxADG7O3_WIBLFgJQFgot88re7Y8NuzRV-wGgz9cLz6a0cBJtGr_6nj6AC3-CyICORdl2f1SM-_6dqLIXT3NDw&sai=AMfl-YQ2kk5GSRmupufhaGaVVWBnAUow4Kvl1bf51ZZ7-psYIFJA_ykF0sT9mNytS92kw39VDl8SaZ29EZOEiAdXd6nzAHdd5cvJnA4goR67VaCnku-q1BKqgw4Isl9Jgyo&sig=Cg0ArKJSzJoVCjcxrssNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C0E5BA44A31C89F5B2566DFE601506A4
Requests: 5 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJu-HsCo8YQAAMZjauQAAAAA
Frame ID: E1B5B8FFDA118BE56E98691593EF87CE
Requests: 23 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: C6D2C14DD26F6FC9F489984FBF51A034
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FC801C5BF2B0EE720A85FEDDF4F85B6E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B0D1AA1F16BBD31B9EE6EF31DF39D04
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFDCE15F28972E035B93B55F84CD41EA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5DFA4F65596BC4E3FD2729C88DF9D5AA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B21700BD611E85A5B54B86365F8F35A
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: FBEC8E85205C3201E77B4BFE7B9AD856
Requests: 11 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed
Frame ID: 69616DECC195F1C92DEF39214F2B33A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD09278157B6DD55C8BC3F0F265A7BEE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 104FC6830FC940184815DE7039498BE0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 608BDFEE15253064C723832619D49EAD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 68B41DB01FC12D02207E2B43BB7A2EF1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 348D5176C7492DA5A69F585DC648921C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
Frame ID: D0C5981282719E157FC0487F24C2E7C1
Requests: 9 HTTP requests in this frame

Frame: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
Frame ID: FA05EE41B801553323A18E3C600ADD96
Requests: 9 HTTP requests in this frame

Frame: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
Frame ID: 109DE49747507D50A8145C2B3134545F
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Frame ID: 00874AA7B7A0B19F3A372BCCCD500D36
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAAAOpvzgAz
Frame ID: CB67BBC907D9C8C7EC2E469FB4708E67
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8957A6D5F7DC9295447FBB9B0042E69B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1vda61ii92um
Frame ID: 54A54C68F59E788B5618EE768E32C800
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0D7F18D09EE70D2666A752603574231E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: DFE7B134B209327F21A73F8EA9D78D58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Frame ID: D7380974D437EE05DEA36D78E89B23F8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0BFB3183276464B6272118E17ACCCF21
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 878086F019D70CBE68D4B6A5488F26E3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznWTjaaXagQbhTSbM&gdpr=0&gdpr_consent=
Frame ID: 2592301340A1D2B110E0274612272724
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
Frame ID: 28FEC061B9D40D20C6153780C11EACF9
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 5D967A55AFFAFE2DE0CA6705A9D30EF8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
Frame ID: CCF8B469140CFE23D2E79D681B601E14
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Frame ID: C3820F7B2D70EBFC3AC54856297F6B6D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAVD0uuqQBL
Frame ID: 759B83C5C55CAB1CE235222948EAC7A5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7E8F46904E09EDF55AFEAFBDCDDFD072
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pcntjmjbmkh9
Frame ID: ACB2C87BF9C7B1444E973315C65EBC62
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 40D551ADB73B88193222750B962BBC49
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C62D41D597375B38C881E9F4C05E5E6D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Frame ID: 4D190EDA1639B9E33E031A09BA57A799
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 91A5D0F5934D0796866B1A3B1810ED16
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6F29910483F1E04E282DA72B17EA9B11
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050USTajbWMSaXjMRgQ&gdpr=0&gdpr_consent=
Frame ID: B5FF96F6CBF8EE53DC790377BB48BC95
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
Frame ID: 360F26D99492C726A8BC32A38DF28B13
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 64ACDE2CD0863E63FEA56522701A883F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
Frame ID: 0ED144D00E18C2A2F98C7D008D32E0D0
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Frame ID: CF4F08B0E6C822B2715139803D6A1EE5
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQADG4Fv3AAz
Frame ID: BCAF53E845AD9E317E1DC17A771B1474
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5FBB1042061733C6BB4FB253A12BE43C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=6jn4bzc6a1r8
Frame ID: CE7BB24981941A561570410A4718BD3E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 46606FEB6E1733A35C6E07A13D7CBD6C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C63B03F0AAB99D64640167BD490D48C6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Frame ID: A5AE3C7866E635FD06E65C2798EF511D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CA547E470DDB5E2E6483D846A94AE7A2
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: DBBDB6ACB9CFAD4E193AC29B039456D8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTbMbWahMRRWjSR&gdpr=0&gdpr_consent=
Frame ID: 6C34BA792A1B365DC10B1178F3019AD9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
Frame ID: A7D57DD605E37B37A674380B3C908554
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 564E411A6AB82B72E74A16CD372CD91E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
Frame ID: 33ACF7FD38E75DB9438E8A14F88077D4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

“ฉากกั้นโควิด-19” อยากได้ ทำเอง หรือที่ไหนมีขายบ้าง Group 3Group 3Group 3Group 3

Page URL History Show full URLs

https://www.sanook.com/home/25321/ HTTP 302
https://www.sanook.com/women/220941/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

673
Requests

82 %
HTTPS

0 %
IPv6

102
Domains

169
Subdomains

100
IPs

16
Countries

10852 kB
Transfer

30024 kB
Size

153
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://truehits.net/stat.php?login=sanook

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto
Title: ตรวจหวย

Search URL Search Domain Scan URL

URL: https://www.joox.com/th
Title: ฟังเพลง

Search URL Search Domain Scan URL

URL: https://wetv.vip/th?language=th
Title: ดูหนัง

Search URL Search Domain Scan URL

URL: https://www.wecomics.in.th/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PUBGMOBILE.TH.OFFICIAL
Title: เล่นเกมส์

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/login.php?psnid=000001-000030-000030-000001&autologin=1&option=&surl=https://www.sanook.com/women/220941/&registerUrl=http%3A%2F%2Fsso.member.sanook.com%2Fregister%2Fmini.php
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/signup.php?psnid=000001-000030-000030-000001&surl=https://www.sanook.com/women/220941/&autologin=1&eventID=&option=&mail=
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://muan.sanook.com/
Title: ข่าวลาว

Search URL Search Domain Scan URL

URL: https://www.sanook77.co/
Title: ข่าว 77 จังหวัด

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/
Title: หวยไทย

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/lotto-stats/
Title: สถิติหวยไทย

Search URL Search Domain Scan URL

URL: https://comics.sanook.com/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://tv.sanook.com/
Title: ดูทีวี

Search URL Search Domain Scan URL

URL: https://learning.sanook.com/
Title: เรียนออนไลน์

Search URL Search Domain Scan URL

URL: https://guru.sanook.com/
Title: กูรู-รอบรู้

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/th/jobs/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanookeveryday

Search URL Search Domain Scan URL

URL: https://twitter.com/sanook

Search URL Search Domain Scan URL

URL: https://instagram.com/sanook.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SanookTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1013623?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A1013623%2Cidx%3A2-1-2%2CtarId%3A1465882069006%2Ctas%3ASanook

Search URL Search Domain Scan URL

URL: https://line.me/ti/p/@sanook.com

Search URL Search Domain Scan URL

URL: https://webboard.sanook.com/forum/?board=75
Title: เว็บบอร์ด

Search URL Search Domain Scan URL

URL: https://home.sanook.com/tips/diy/
Title: DIY

Search URL Search Domain Scan URL

URL: https://www.lazada.co.th/
Title: lazada

Search URL Search Domain Scan URL

URL: https://www.onestockhome.com/
Title: onestockhome

Search URL Search Domain Scan URL

URL: https://shopee.co.th/%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81-DIY-%E0%B8%96%E0%B8%AD%E0%B8%94%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%AD%E0%B8%9A-%E0%B8%AA%E0%B8%B3%E0%B8%AB%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%95%E0%B8%B4%E0%B8%94%E0%B8%95%E0%B8%B1%E0%B9%89%E0%B8%87%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%80%E0%B8%84%E0%B8%B2%E0%B8%99%E0%B9%8C%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C-%E0%B8%AA%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87%E0%B8%B2%E0%B8%99-i.70626269.7823937325
Title: shopee

Search URL Search Domain Scan URL

URL: https://season.sanook.com/hbdproject/july/winner/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.sanook.com/home/25321/ HTTP 302
https://www.sanook.com/women/220941/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=F7-bZNeUG6WA7_UPwY-QoAs&sscte=1&crd=&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqNj-6zyByMgb65X4_iuWOWc7-qQjdFze00&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjRBRFh5S0JxemVtdFlBcElXbGVqU0tmbFVmeEZvUHVZbEJrNGdmc29OZ2h1VzFSdmFaLVVVQXEiEwiX_M2EmOX_AhUlwLsIHcEHBLQ HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjRBRFh5S0JxemVtdFlBcElXbGVqU0tmbFVmeEZvUHVZbEJrNGdmc29OZ2h1VzFSdmFaLVVVQXEiEwiX_M2EmOX_AhUlwLsIHcEHBLQ&is_vtc=1&ocp_id=F7-bZNeUG6WA7_UPwY-QoAs&cid=CAQSKQBygQiDb4yvavwXCS_kJGM93V3Sr-Lfm-jhByXtvLxZNlVQHWzklpkN&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqNWh2lQtAsvN60IxzYHuseQmf1fgo_LqEI&random=1728568190 HTTP 302
https://www.google.ge/pagead/1p-conversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjRBRFh5S0JxemVtdFlBcElXbGVqU0tmbFVmeEZvUHVZbEJrNGdmc29OZ2h1VzFSdmFaLVVVQXEiEwiX_M2EmOX_AhUlwLsIHcEHBLQ&is_vtc=1&ocp_id=F7-bZNeUG6WA7_UPwY-QoAs&cid=CAQSKQBygQiDb4yvavwXCS_kJGM93V3Sr-Lfm-jhByXtvLxZNlVQHWzklpkN&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqNWh2lQtAsvN60IxzYHuseQmf1fgo_LqEI&random=1728568190&ipr=y

Request Chain 122

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687928601602&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687928601602&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=

Request Chain 200

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=G7-bZJCyBZWj7_UPqNqc4A4&sscte=1&crd=&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqNY63SHZSM-sRhWtEmH0biLOmYXsh8l40Q&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjREWXVOS3BfUFdUYmRyNTc0Mm0zS3BiN1g0MHJNQ21IdW9ncllvN2U4aC1vTkJ2V2ZqVDhWMm4iEwjQq6yGmOX_AhWV0bsIHSgtB-w HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjREWXVOS3BfUFdUYmRyNTc0Mm0zS3BiN1g0MHJNQ21IdW9ncllvN2U4aC1vTkJ2V2ZqVDhWMm4iEwjQq6yGmOX_AhWV0bsIHSgtB-w&is_vtc=1&ocp_id=G7-bZJCyBZWj7_UPqNqc4A4&cid=CAQSKQBygQiDbcVWndpgpTNHFAkDMFzSQG0Icx6csGy8XLm78SBZTVtWK7AL&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqOQIeqkB9HyKIKkaDIYtZgPKh4ykeHBQQ0&random=2055897092 HTTP 302
https://www.google.ge/pagead/1p-conversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjREWXVOS3BfUFdUYmRyNTc0Mm0zS3BiN1g0MHJNQ21IdW9ncllvN2U4aC1vTkJ2V2ZqVDhWMm4iEwjQq6yGmOX_AhWV0bsIHSgtB-w&is_vtc=1&ocp_id=G7-bZJCyBZWj7_UPqNqc4A4&cid=CAQSKQBygQiDbcVWndpgpTNHFAkDMFzSQG0Icx6csGy8XLm78SBZTVtWK7AL&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqOQIeqkB9HyKIKkaDIYtZgPKh4ykeHBQQ0&random=2055897092&ipr=y

Request Chain 299

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1

Request Chain 304

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b

Request Chain 305

https://pr-bh.ybp.yahoo.com/sync/taboola/3c291396-702d-4cf3-a32f-583610550673-tuctb95449a?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ZPs47xtE2oSaqVi71d.lNp.kVPzigeHZAskgGA--~A

Request Chain 306

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nm.H0RdE2uEDd7hWm0WgW0uTGpizmj17~A&gdpr_in_effect=0

Request Chain 317

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b

Request Chain 318

https://pr-bh.ybp.yahoo.com/sync/taboola/3c291396-702d-4cf3-a32f-583610550673-tuctb95449a?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-tK481uZE2oSi1QguVlokP.G6qlN8n1C2E6q6HA--~A

Request Chain 319

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola&gdpr=0&gdpr_consent=

Request Chain 336

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:75ea649b-bf1d-4100-8616-1c08765efb1e&gdpr=0&gdpr_consent=

Request Chain 338

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 340

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 342

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164765543742477328&gdpr=0&gdpr_consent=

Request Chain 343

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249598160764663957&gdpr=0&gdpr_consent=

Request Chain 345

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lty_i4_-UTl6oP4k4aSluFvvzrU&gdpr=0&gdpr_consent=

Request Chain 346

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 347

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=&ct=y

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDI1MDZCQjUtNDY5OS00MjQ4LThEQzEtRTVDMTVBNDhBN0U5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPeSxlv60YU1Rnr-T4FKlY&google_cver=1

Request Chain 353

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4494080886801228774

Request Chain 354

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=

Request Chain 355

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WXQcBiBE2uWpjD30b.PizN0g2KbER5o-~A&gdpr=0

Request Chain 357

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 358

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=706ecc9f3c241f5f&is_secure=true&networkId=17100&version=1&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALVYbJouvsjQNZUo4gAAAAAAA&expiration=1688015006&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 359

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8328107424253339475&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 385

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&C=1

Request Chain 386

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJu-HshRkwND67zR.rCKogAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&google_hm=2

Request Chain 387

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE4i8cBvM27fkXoDRKiTBMQ&google_cver=1

Request Chain 388

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NTIwMDg3MjI3ODkyMjc4NQ%3D%3D

Request Chain 391

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1

Request Chain 392

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5

Request Chain 393

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1

Request Chain 394

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0

Request Chain 395

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1

Request Chain 396

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5

Request Chain 397

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1

Request Chain 398

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0

Request Chain 413

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJu-HsCo8YQAAMZjauQAAAAA

Request Chain 416

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS

Request Chain 417

https://pr-bh.ybp.yahoo.com/sync/taboola/3c291396-702d-4cf3-a32f-583610550673-tuctb95449a?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R6TEUxJE2oTkXuPfhssW4UChCASbL_HyiEpDVw--~A

Request Chain 418

https://trace.mediago.io/ju/cs/taboola HTTP 302
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=de70c12a0de8c81bf5bd620daa879a2b

Request Chain 419

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGuw0xANak14z7Ctifu_Ouk&google_cver=1

Request Chain 421

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a

Request Chain 422

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b

Request Chain 426

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=68e2a8ac-8599-4772-855c-0e91b71cefbb

Request Chain 427

https://id5-sync.com/s/464/9.gif?puid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=afa44a28-be32-4884-b7e2-2e84609cee3b&ttl=%%TTL%%

Request Chain 428

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4b9190a7-07b6-4cfc-a942-c8cb27729ca1&ssp=taboola&gdpr=0 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 429

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=54fe82f7-829a-48e9-86d9-b0203c7762b3 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=54fe82f7-829a-48e9-86d9-b0203c7762b3&tbid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&query=taboola_hm%3D54fe82f7-829a-48e9-86d9-b0203c7762b3&isDirect=0

Request Chain 431

https://eb2.3lift.com/xuid?mid=7772&xuid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 432

https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Lty_i4_-UTl6oP4k4aSluFvvzrU

Request Chain 434

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed

Request Chain 435

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=&redir= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=&redir= HTTP 302
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745

Request Chain 490

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=54fe82f7-829a-48e9-86d9-b0203c7762b3&ssp=taboola&gdpr=0&us_privacy=1--- HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

Request Chain 492

https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed

Request Chain 496

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEDOL6ExR7diJYyZG6XegTkY&google_cver=1&google_push=ATf1kGMGDHUWHvd9SVtYs9665Hj4WLGS5JRIapULdAiialJfNz-gU9aSQHb37sm7MgSRQ04AM7q-QQfAjHGyJ8NtJhFZQkKKtUc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cchr4a_0rk5yiGPqAc9r8zvk5GwL4OA4biPfCw&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 497

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_cver=1&google_push=ATf1kGMxD8xBH5Dw0iK3TBdaXUGZ7fGdqbMRTmCyOHNfEX8JYsL255icEKQx9TW_BYebBlUAFV825mB3avGFAnMXtjdgFfGCef4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKogAAFIoAAAAB&google_nid=index&google_push=ATf1kGMxD8xBH5Dw0iK3TBdaXUGZ7fGdqbMRTmCyOHNfEX8JYsL255icEKQx9TW_BYebBlUAFV825mB3avGFAnMXtjdgFfGCef4

Request Chain 498

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBPJuZzO3UKncI_IFmY2_G4&google_cver=1&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJuoFSLtCOV80 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBPJuZzO3UKncI_IFmY2_G4&google_cver=1&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJuoFSLtCOV80&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJuoFSLtCOV80&google_hm=G47vKGZHoca7oem-QF2XJZ-F

Request Chain 499

https://sync.inmobi.com/gob?google_gid=CAESEFVyuJY76B3goxKtlc6lO-w&google_cver=1&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c9eaRG2HIFb_vMBPmNDz_fi5ONP2kEcm0Tp00OBseQ&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=tfx-S_-2ieF2h5YqGTcM&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul&google_nid=inmobi_new_eb

Request Chain 500

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJeq6EEtL6dNVbMzLrnIl6c&google_cver=1&google_push=ATf1kGN1LylHjwKWDiYwcj-7qjAJtJlW-lfMKzumrWsYo2PlW0DLcFcKomyT9duOo5MvyWL14101fAltRGTwEGZD9Tl3kh-9Wt9r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0&google_push=ATf1kGN1LylHjwKWDiYwcj-7qjAJtJlW-lfMKzumrWsYo2PlW0DLcFcKomyT9duOo5MvyWL14101fAltRGTwEGZD9Tl3kh-9Wt9r HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 506

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMHJYT-1yHYj3jWg-G5TtFs&google_cver=1&google_push=ATf1kGPWuTINlczGAvOSADTAvte2E5cSXqAy-vojQ5t2LcYpVE40fa5e0XoHzoguTabvGsVKQviv2AFBpDO892gJspk4vORH8-8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uhq26dEVRQmQHYaVag6XZQ2&google_push=ATf1kGPWuTINlczGAvOSADTAvte2E5cSXqAy-vojQ5t2LcYpVE40fa5e0XoHzoguTabvGsVKQviv2AFBpDO892gJspk4vORH8-8

Request Chain 508

https://rtb.openx.net/sync/dds?google_gid=CAESENs9Kx_VOLKWta7v-Eprn98&google_cver=1&google_push=ATf1kGNWBoJH9L3rLb-IQ1ts0WDrnhTXOQXIRBOAd6w3D2p1ZGokmc-2IRsFFZCLgtuw3wN9AAp9SUCvgR_kff3KDPCAbes--frH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGNWBoJH9L3rLb-IQ1ts0WDrnhTXOQXIRBOAd6w3D2p1ZGokmc-2IRsFFZCLgtuw3wN9AAp9SUCvgR_kff3KDPCAbes--frH&google_hm=83NCaIoHygMDDJuJaJhQ4w==

Request Chain 509

https://match.360yield.com/match/ebda?google_gid=CAESECHM-OGmB7h8dfNyGRdX0P4&google_cver=1&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2CJ39JL9SYua8B HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECHM-OGmB7h8dfNyGRdX0P4&google_cver=1&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2CJ39JL9SYua8B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0haToNo0TNmBjJ0D2W0ofg&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2CJ39JL9SYua8B

Request Chain 510

https://cs.media.net/cksync?type=g&google_gid=CAESEF9KdXJpojQbNJ3ZXZWaxXI&google_cver=1&google_push=ATf1kGPrRz8m6CmnbpdA4MKahqNx__TzCS5tixudjux-hXXp1BmBIgARKzUVYvsw-8GgXAtFegT2oMZqHTAxBIjDRZnf4lgCQM7i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&mn_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPrRz8m6CmnbpdA4MKahqNx__TzCS5tixudjux-hXXp1BmBIgARKzUVYvsw-8GgXAtFegT2oMZqHTAxBIjDRZnf4lgCQM7i&gdpr=&gdpr_consent=

Request Chain 511

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA3LWyN0lS8qRh7EnQYOwe4&google_cver=1&google_push=ATf1kGMxBos3PJQfQoEHR8HcPm3apThog8hb5TGnVo7IfpwnbvtjKYxnnZI6AeqxgtMfTXa8jfdCQ89xkIneMVjG60N2wewfHtZXkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uYXZrRFUxRTJ1SEZWNkJFZkF6S1RUUU9WUl9wYXdSTH5B&google_push=ATf1kGMxBos3PJQfQoEHR8HcPm3apThog8hb5TGnVo7IfpwnbvtjKYxnnZI6AeqxgtMfTXa8jfdCQ89xkIneMVjG60N2wewfHtZXkA

Request Chain 516

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEWZhh8e_r67qEhNOzyiQtc&google_cver=1&google_push=ATf1kGMyNtCLAs7X5Rq-Avyjhn9652xZYEdy7dB-UHkMjKq5ZqdTsJs39jKr-WQySNYi1wzCvZv2feeiuILp6aLF9MRkwJl6fsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWZhNDRhMjgtYmUzMi00ODg0LWI3ZTItMmU4NDYwOWNlZTNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=afa44a28-be32-4884-b7e2-2e84609cee3b

Request Chain 517

https://rtb.openx.net/sync/dds?google_gid=CAESENs9Kx_VOLKWta7v-Eprn98&google_cver=1&google_push=ATf1kGMZsyFf7orKw5OwvVNV8syANHvQxrwwGH3XcfD1219_XSlVzojIsPveT73ZN9zcpjNt9qNsyomT-jXx-wZkPHSEruqhNvU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGMZsyFf7orKw5OwvVNV8syANHvQxrwwGH3XcfD1219_XSlVzojIsPveT73ZN9zcpjNt9qNsyomT-jXx-wZkPHSEruqhNvU&google_hm=83NCaIoHygMDDJuJaJhQ4w==

Request Chain 518

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEETeUTUOg5zAFOYBwv7F5TA&google_cver=1&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d8FmYI7DsNzvn6A HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEETeUTUOg5zAFOYBwv7F5TA&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d8FmYI7DsNzvn6A&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d8FmYI7DsNzvn6A&google_hm=M3k5X0IzYU1jNGlhdnJrbm9fYzc=

Request Chain 519

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP09_xMxLuEy1QOYkHkW8iY&google_cver=1&google_push=ATf1kGPBD02FzotrWpkhSsvao3iN5xJjs5IPim-OSRxMzrxfuwg5xRrCDHb-a4K728qW9zn8pligpfLlj5nj9SkRht-jqoiQLN4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPBD02FzotrWpkhSsvao3iN5xJjs5IPim-OSRxMzrxfuwg5xRrCDHb-a4K728qW9zn8pligpfLlj5nj9SkRht-jqoiQLN4

Request Chain 520

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPij_7ps0vEWwEWFMPWvTCA&google_cver=1&google_push=ATf1kGMnXOHI_qbqIZL0UEZvqxlTj3BhJjZaOjUmkHlTIIIirwd8Ry_nhwSWu4jVW7wDlvn_C9_BQyiWiT92f_MXNX1IyNwGuoQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=ATf1kGMnXOHI_qbqIZL0UEZvqxlTj3BhJjZaOjUmkHlTIIIirwd8Ry_nhwSWu4jVW7wDlvn_C9_BQyiWiT92f_MXNX1IyNwGuoQ

Request Chain 521

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH2qkCMRF7BASqbua03ble8&google_cver=1&google_push=ATf1kGOSjDK7TrLd2fl7vWzUT_N20Ir2jv7IF3qLa-4T3kyCAadpA3mB4cwC02Kx-di4j_jqfXsj6QGaZd_fWZtBIsq3kK6OoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe54e09d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOSjDK7TrLd2fl7vWzUT_N20Ir2jv7IF3qLa-4T3kyCAadpA3mB4cwC02Kx-di4j_jqfXsj6QGaZd_fWZtBIsq3kK6OoA

Request Chain 523

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH5fTVsKzEGfyazRfbKwB_Y&google_cver=1&google_push=ATf1kGOfKqNMDcIRtJLbywd3Ch3Vo9myUv4CEdDMqmNt46O7I9dEr2XEOLCP_mZFWHgcAF75rcNZUZDh98Ip-C2ToBIYzVIxXHi8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOfKqNMDcIRtJLbywd3Ch3Vo9myUv4CEdDMqmNt46O7I9dEr2XEOLCP_mZFWHgcAF75rcNZUZDh98Ip-C2ToBIYzVIxXHi8&google_hm=2pBReIlZSmCOfLaMY-l1ZQ==

Request Chain 524

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEDOL6ExR7diJYyZG6XegTkY&google_cver=1&google_push=ATf1kGMwRJOfOu2P4PtN3t7WI8sEYl3GDyYnQEAr4WC3iyZ0IFJJU9oqy3Uq4D0-S4XWOktbGKsyBtcwy-a2r-f3kRp7PE04JZ36 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cchr4a_0rk5yiGPqAc9r8zvk5GwL4OA4biPfCw&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 525

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAmyonzz7eUJ0I7v-uTlRyE&google_cver=1&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dErktY9iZrAYjtQfERJaEcUNmu4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAmyonzz7eUJ0I7v-uTlRyE&google_cver=1&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dErktY9iZrAYjtQfERJaEcUNmu4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3NzI4NDMzODgyNTA4MjgzMw&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dErktY9iZrAYjtQfERJaEcUNmu4

Request Chain 526

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP09_xMxLuEy1QOYkHkW8iY&google_cver=1&google_push=ATf1kGMHxZwuZJG6-LK3WmGjTfRLOFEJjWcOEAT7Smsw0BMZaKkYUZa07xt2McLqaDUQHRmALoWI-Jhfh5g0Hu6Mg-zAtCkEapB5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMHxZwuZJG6-LK3WmGjTfRLOFEJjWcOEAT7Smsw0BMZaKkYUZa07xt2McLqaDUQHRmALoWI-Jhfh5g0Hu6Mg-zAtCkEapB5

Request Chain 527

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_cver=1&google_push=ATf1kGMUlyj1tAfslcJa30ZUz3DLKSqzlGSbdqHlXPwNC7GQqpoJv_OzdB58UD3IQpNppLjP8eOY7q0sA1I_m_ZJccAX7j540kT2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKowAAFIoAAAIB&google_nid=index&google_push=ATf1kGMUlyj1tAfslcJa30ZUz3DLKSqzlGSbdqHlXPwNC7GQqpoJv_OzdB58UD3IQpNppLjP8eOY7q0sA1I_m_ZJccAX7j540kT2

Request Chain 528

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKLsNc9JukXBPQp3gleGcfc&google_cver=1&google_push=ATf1kGNuikBSKCZZVW9uehL4Nsh62P-m-3pzdN7Slpv-W-L8WJ3IJ_3F9LOx6irjOHo8QIcQrjykIfo4JUXX0ZX9ZX23pqkJZfo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGNuikBSKCZZVW9uehL4Nsh62P-m-3pzdN7Slpv-W-L8WJ3IJ_3F9LOx6irjOHo8QIcQrjykIfo4JUXX0ZX9ZX23pqkJZfo&google_hm=NDg1MTk3MDUxOTc3NzM3NDE4Nw%3D%3D

Request Chain 529

https://sync.inmobi.com/gob?google_gid=CAESEFVyuJY76B3goxKtlc6lO-w&google_cver=1&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-aafebufalghcuT5kWcNiCzLwjK8N9c83vzcs-uCDSw&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=GLZkNWykUmBBtjzWoHXD&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f&google_nid=inmobi_new_eb

Request Chain 563

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LJF93ZXG-28-F2IS HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---

Request Chain 566

https://c1.adform.net/serving/cookie/match?party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Request Chain 567

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAAAOpvzgAz

Request Chain 569

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1vda61ii92um

Request Chain 571

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 572

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Request Chain 575

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznWTjaaXagQbhTSbM%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DkODCF8PznWTjaaXagQbhTSbM%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznWTjaaXagQbhTSbM&gdpr=0&gdpr_consent=

Request Chain 576

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687928611380 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=2215955616 HTTP 302
https://sync.1rx.io/usersync/turn/8328107424253339475?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-605987e8-8e92-48ec-9109-eef3cab2fa93-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003

Request Chain 578

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=

Request Chain 580

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 581

https://pixel.onaudience.com/?partner=214&mapped=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=e771f140bf994c89 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c52fb549-65d1-45c5-7fa5-4f344063ed70&reqId=e7fe82a3-59f9-4db7-50a6-c965b693822a&zcluid=e771f140bf994c89&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEGhLOFf2sfMf27h94KX0hpY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c52fb549-65d1-45c5-7fa5-4f344063ed70&reqId=e7fe82a3-59f9-4db7-50a6-c965b693822a&zcluid=e771f140bf994c89&zdid=1332

Request Chain 582

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=

Request Chain 583

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fef221a-1c7d-4195-9178-8820603dd4c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 584

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785

Request Chain 589

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 590

https://pixel.onaudience.com/?partner=214&mapped=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=33487fbd3a089494/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=8accbb1a521eef32

Request Chain 591

https://c1.adform.net/serving/cookie/match?party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Request Chain 592

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=

Request Chain 593

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAVD0uuqQBL

Request Chain 595

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4c257309-1168-4e9c-a40b-942a7ed9cc59&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 596

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pcntjmjbmkh9

Request Chain 598

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 599

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Request Chain 602

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6870c14f802cf9ad/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DH1I2i050USTajbWMSaXjMRgQ%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DH1I2i050USTajbWMSaXjMRgQ%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050USTajbWMSaXjMRgQ&gdpr=0&gdpr_consent=

Request Chain 603

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687928611381 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3494956149 HTTP 302
https://sync.1rx.io/usersync/turn/8328107424253339475?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-605987e8-8e92-48ec-9109-eef3cab2fa93-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003

Request Chain 605

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785

Request Chain 606

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=

Request Chain 608

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 609

https://pixel.onaudience.com/?partner=214&mapped=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=afa44a28-be32-4884-b7e2-2e84609cee3b&icm&gdpr=0&gdpr_consent=&cver

Request Chain 610

https://c1.adform.net/serving/cookie/match?party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Request Chain 611

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=

Request Chain 612

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQADG4Fv3AAz

Request Chain 614

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:945e7e9f-6780-4798-a233-349853bec454&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 615

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=6jn4bzc6a1r8

Request Chain 617

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 618

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Request Chain 621

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e771f140bf994c89/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznTTbMbWahMRRWjSR%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DkODCF8PznTTbMbWahMRRWjSR%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTbMbWahMRRWjSR&gdpr=0&gdpr_consent=

Request Chain 622

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687928611383 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6574296872 HTTP 302
https://sync.1rx.io/usersync/turn/8328107424253339475?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-605987e8-8e92-48ec-9109-eef3cab2fa93-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003

Request Chain 624

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785

Request Chain 625

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=

Request Chain 626

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IxIjEy7_Q8WHcu4LTs9efA&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IxIjEy7_Q8WHcu4LTs9efA&gdpr=0

Request Chain 627

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPPRg9EuE1JnBKjtGTCB51U&google_cver=1

Request Chain 628

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=&expires=30

Request Chain 629

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpGOTNaWEctMjgtRjJJUw==&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEPij_7ps0vEWwEWFMPWvTCA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=&gdpr=0

Request Chain 630

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/WqkqBYON2K9GtHsAnkoCHMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N09JKepE2oLznC4QI8ACEJEMuajDuY.Pujzjyw--~A

Request Chain 631

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWI2YjkxNGRmYTBlMjI0ZmU4MGY1OWYwYmYzMGRlMGM4NTNlYTg1OA&gdpr=0&us_privacy=1---

Request Chain 632

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---

Request Chain 633

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eBbUyhMLRyucVzYCTzwr3w&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eBbUyhMLRyucVzYCTzwr3w&gdpr=0

Request Chain 671

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Z0JnNzMQbzF8QztkZkRzNjBPamN8RmgxZhJSkwxs

Request Chain 672

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3077284338825082833

Request Chain 673

https://match.adsrvr.org/track/cmf/openx?oxid=2c25c854-2381-732d-e578-d73ebb816a59&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa44a28-be32-4884-b7e2-2e84609cee3b&ttd_puid=2c25c854-2381-732d-e578-d73ebb816a59&gdpr=0&gdpr_consent=

Request Chain 675

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1

673 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.sanook.com/women/220941/
Redirect Chain

https://www.sanook.com/home/25321/
https://www.sanook.com/women/220941/

273 KB
47 KB

488ms
488ms

Document
text/html

203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

b3ca470a6724c90a285f54fb02ef9b78ea730ef4fc5f7bad035f10ccf0c43faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Jun 2023 05:03:17 GMT
Proxy-Cache-Status: MISS
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

Redirect headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Length: 58
Content-Type: text/plain; charset=utf-8
Date: Wed, 28 Jun 2023 05:03:17 GMT
Location: https://www.sanook.com/women/220941/
Proxy-Cache-Status: MISS
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: User-Agent, Accept-Encoding
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
73 KB 417ms
148ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4da184569357566a9c9ed2eb6c8e143f4bef95e9ac567d72df5e31ee47d2b351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74580
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jun 2023 05:03:18 GMT

GET
H2 200 d0004449.js Show response
lvs2.truehits.in.th/dataa/ 9 KB
9 KB 954ms
326ms Script
application/x-javascript 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 383e7de5472fa0805511cb92ecfed5a182c010d7fc2d4c8da059ba0426194d33

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:18 GMT
last-modified: Thu, 22 Jun 2023 07:02:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=604800
content-length: 8719
expires: Wed, 5 Jul 2023 5:03:18 GMT

GET
H/1.1 200
OK a102.js Show response
sal.isanook.com/js/ 23 KB
24 KB 1877ms
328ms Script
application/javascript 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:20 GMT
Last-Modified: Mon, 10 Aug 2020 09:23:14 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24035
Expires: Fri, 28 Jul 2023 05:03:20 GMT

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ 1 KB
747 B 1114ms
280ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 12:24:14 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 1087
server: Lego Server
age: 22075
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1225809181094425307
accept-ranges: bytes
content-length: 550
expires: Mon, 08 May 2023 12:24:14 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 126 KB
41 KB 484ms
205ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Jun 2023 05:03:18 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ 375 B
465 B 1536ms
201ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:15:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 28 Nov 2013 06:56:15 GMT
server: Lego Server
age: 749732
etag: "5296e90f-177"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16376570560967153577
accept-ranges: bytes
content-length: 266
expires: Tue, 06 Jun 2023 18:15:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 170 KB
47 KB 397ms
131ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 05:03:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: 4caDmrOzgavNYdR14V9iWPEMpLJxhE2U+AHWpFgXEhji/FLXS+pPmnJRiaEpqMfIufCzMBFVe8bRk/Y/6Z/FCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bc1a5e788a33746f4adc.css
s.isanook.com/sr/0/_next/static/css/ 42 KB
9 KB 1300ms
131ms Stylesheet
text/css 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/bc1a5e788a33746f4adc.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 15:38:17 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 06 Jun 2023 09:43:57 GMT
server: Lego Server
age: 125900
etag: W/"647effdd-a6ad"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14198767024097455096
accept-ranges: bytes
content-length: 8901
expires: Fri, 07 Jul 2023 15:38:17 GMT

GET
H2 200 1216-75cdf64a6bee3b4a0f08.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 7 KB
3 KB 1115ms
281ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:51:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 12 Jun 2023 09:36:44 GMT
server: Lego Server
age: 0
etag: W/"6486e72c-1ad7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9531813024031119092
accept-ranges: bytes
content-length: 2537
expires: Wed, 12 Jul 2023 17:51:57 GMT

GET
H2 200 617-5cad0d06573dab8c8b0a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
5 KB 1114ms
281ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/617-5cad0d06573dab8c8b0a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:58:11 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: W/"64950480-3fa3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13617961918211904849
accept-ranges: bytes
content-length: 4725
expires: Wed, 26 Jul 2023 16:58:11 GMT

GET
H2 200 5886-0250f3a1d32ffcdd3e37.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 80 KB
26 KB 1113ms
280ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5886-0250f3a1d32ffcdd3e37.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 05:04:21 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Jun 2023 06:22:49 GMT
server: Lego Server
age: 0
etag: W/"64880b39-14109"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12599163509360972319
accept-ranges: bytes
content-length: 26131
expires: Fri, 14 Jul 2023 05:04:21 GMT

GET
H2 200 5616-5f8425f3631c502b5b56.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
3 KB 891ms
281ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:45:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: "6495047f-2370"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11827678868317380231
accept-ranges: bytes
content-length: 3081
expires: Wed, 26 Jul 2023 07:45:52 GMT

GET
H2 200 4883-eaa47998e430c5efe9d8.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 80 KB
23 KB 222ms
215ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/4883-eaa47998e430c5efe9d8.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 661b4395fdf6481afb7d43aab2fb0eb3eee2a2c8efe620a6a8ccccf01bcd90c5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:15:14 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 08 Jun 2023 02:37:40 GMT
server: Lego Server
age: 96315
etag: W/"64813ef4-13e58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3140994641722184573
accept-ranges: bytes
content-length: 23540
expires: Sat, 08 Jul 2023 03:15:14 GMT

GET
H2 200 5884-96c7c5b8d105dc707520.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
4 KB 364ms
357ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5884-96c7c5b8d105dc707520.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:43:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Jun 2023 06:22:49 GMT
server: Lego Server
age: 12835
etag: W/"64880b39-35e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16214104791173593835
accept-ranges: bytes
content-length: 4354
expires: Fri, 14 Jul 2023 06:43:49 GMT

GET
H2 200 7904.67e2aa2dfa45ebf80dcc.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 10 KB
4 KB 221ms
215ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7904.67e2aa2dfa45ebf80dcc.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f1e3d93c70524fde72b4aa58a5581719ed2953f8fc64ec5a103bea40fc11fee5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 02:52:26 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-265c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 10884827576550150227
accept-ranges: bytes
content-length: 3486
expires: Sun, 23 Jul 2023 02:52:26 GMT

GET
H2 200 2182-c812998b9bfd40b7bc57.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 222ms
215ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2182-c812998b9bfd40b7bc57.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:46:15 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 18 May 2023 02:38:19 GMT
server: Lego Server
age: 1564327
etag: W/"64658f9b-39ae"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 16078931909147322093
accept-ranges: bytes
content-length: 3109
expires: Sat, 17 Jun 2023 07:14:09 GMT

GET
H2 200 7634-9c48588a06a20cc2cfaa.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 222ms
216ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7634-9c48588a06a20cc2cfaa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 15:24:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:53 GMT
server: Lego Server
age: 0
etag: "64772381-371e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12709569769523403631
accept-ranges: bytes
content-length: 2599
expires: Tue, 04 Jul 2023 15:24:39 GMT

GET
H2 200 1574-49fbeedfa20dd915de79.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 17 KB
4 KB 222ms
216ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1574-49fbeedfa20dd915de79.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3009935cba76944c4d42291b3db5c07f521b3b4e80ffac3295ce76fb57d52d91

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 02:45:41 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 17912
server: Lego Server
age: 0
etag: W/"6475623c-45f8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6975059985304920292
accept-ranges: bytes
content-length: 3881
expires: Thu, 29 Jun 2023 02:45:41 GMT

GET
H2 200 6584-447a1b16d42a2945b19a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 20 KB
5 KB 223ms
217ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6584-447a1b16d42a2945b19a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f51d2ba38480066c4deff4b8d84389d977c9e39d852160a3d8c21f5bf70ef58

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:08:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:53 GMT
server: Lego Server
age: 0
etag: W/"64772381-4e14"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1901018682210819532
accept-ranges: bytes
content-length: 4860
expires: Mon, 03 Jul 2023 15:08:20 GMT

GET
H2 200 930-d28b6a360e225517874b.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 51 KB
9 KB 223ms
217ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/930-d28b6a360e225517874b.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0dd8fc60dd2b16b2caa3910eb6e7f9f539f749e895ae41c101fa2c3d6d7106d7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 02:45:41 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 30 May 2023 02:41:00 GMT
server: Lego Server
age: 0
etag: W/"6475623c-cb98"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 234968925246407912
accept-ranges: bytes
content-length: 8649
expires: Thu, 29 Jun 2023 02:45:41 GMT

GET
H2 200 7227-51d632e8e233a60727f0.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 36 KB
8 KB 223ms
217ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7227-51d632e8e233a60727f0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d27a8af1af6f6d6e1e029e12eccb095a262be96563c9a42f96622593ee5a1a17

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:14:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:53 GMT
server: Lego Server
age: 0
etag: W/"64772381-8fb8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 10428867647245075070
accept-ranges: bytes
content-length: 8299
expires: Mon, 05 Jun 2023 16:14:31 GMT

GET
H2 200 8513-44b99275bec71ef8fa4b.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 62 KB
10 KB 246ms
240ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8513-44b99275bec71ef8fa4b.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3ed6172c57461534660b5435664ff1a82c954872daf7c3e79edd7ac8d6e78436

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 08:08:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:52 GMT
server: Lego Server
age: 0
etag: W/"64772380-f890"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3800605839521892020
accept-ranges: bytes
content-length: 10456
expires: Tue, 04 Jul 2023 08:08:42 GMT

GET
H2 200 1341.1edfbe3884df9fec9e57.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 183 KB
35 KB 224ms
217ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1341.1edfbe3884df9fec9e57.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 868acca2855c9426e8ee404b075c5748bffdf548464fa4229b46eb7ddbe6130c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 04:05:07 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: W/"64950480-2db32"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17381090074252328284
accept-ranges: bytes
content-length: 35457
expires: Sun, 23 Jul 2023 04:05:07 GMT

GET
H2 200 2043.be10e3e5f3854c874df3.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
4 KB 224ms
218ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2043.be10e3e5f3854c874df3.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 14:58:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:15:54 GMT
server: Lego Server
age: 0
etag: W/"649ab6da-4005"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13615857293322229698
accept-ranges: bytes
content-length: 3918
expires: Thu, 27 Jul 2023 14:58:20 GMT

GET
H2 200 1494.ee80947318c66a85d091.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 191 KB
32 KB 246ms
240ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1494.ee80947318c66a85d091.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ba6196c4a159b1b4c99756302bdf508b864a53e962b4c819fd5a8b2daa5f1149

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 195312
server: Lego Server
age: 0
etag: W/"64950480-2faf0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 4050772296768357339
accept-ranges: bytes
content-length: 32236
expires: Sun, 23 Jul 2023 03:21:40 GMT

GET
H2 200 webpack-c785922bccc4816522cc.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
5 KB 224ms
218ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a687719cfe27e33b9d4c5dbf769cb12c0981fab940fd8a9e3ca78515e98e8ada

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 02:33:15 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9093
server: Lego Server
age: 0
etag: W/"649a498f-2385"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9252255831450902273
accept-ranges: bytes
content-length: 4521
expires: Thu, 27 Jul 2023 02:33:15 GMT

GET
H2 200 framework-bccd505f411f10b308c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 147 KB
47 KB 246ms
240ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 11:03:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:15:54 GMT
server: Lego Server
age: 0
etag: W/"649ab6da-24b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14953440686375709604
accept-ranges: bytes
content-length: 47794
expires: Thu, 27 Jul 2023 11:03:08 GMT

GET
H2 200 main-bcf4d111f618a82e6a4e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 75 KB
24 KB 246ms
240ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/main-bcf4d111f618a82e6a4e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 18:15:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 60953
etag: W/"64950480-12af2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13758046168632319276
accept-ranges: bytes
content-length: 24854
expires: Mon, 26 Jun 2023 18:15:24 GMT

GET
H2 200 _app-dd35ddff6c3a8a09f528.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/ 556 KB
152 KB 246ms
240ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3f32099b59e873a57587a20c99cfd8d1f5c60081add4d50b9ff6ce25bd3cd0b5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 569192
server: Lego Server
age: 0
etag: W/"649b9b87-8af68"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 14974129265936337938
accept-ranges: bytes
content-length: 154922
expires: Fri, 28 Jul 2023 03:23:22 GMT

GET
H2 200 7918-3bbc8a6036bbcdb09d83.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
8 KB 246ms
240ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7918-3bbc8a6036bbcdb09d83.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 02:33:54 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 30 May 2023 02:29:27 GMT
server: Lego Server
age: 2
etag: W/"64755f87-7567"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6927034948673824599
accept-ranges: bytes
content-length: 7999
expires: Thu, 29 Jun 2023 02:33:53 GMT

GET
H2 200 8229-a3ffb213d38ea4b85bad.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
7 KB 365ms
359ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8229-a3ffb213d38ea4b85bad.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:18:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:52 GMT
server: Lego Server
age: 0
etag: W/"64772380-7506"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17319643799403301935
accept-ranges: bytes
content-length: 6889
expires: Wed, 05 Jul 2023 05:18:57 GMT

GET
H2 200 9669-b56602280eb9384c191d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 366ms
360ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 03:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:35 GMT
server: Lego Server
age: 2287173
etag: W/"649a498f-35e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16511204351616605178
accept-ranges: bytes
content-length: 4715
expires: Tue, 27 Jun 2023 03:46:47 GMT

GET
H2 200 1354-e6e263fd45386d27bc3d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 50 KB
17 KB 366ms
360ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 00:45:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-c680"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7420651594922763746
accept-ranges: bytes
content-length: 17204
expires: Thu, 27 Jul 2023 00:45:24 GMT

GET
H2 200 2962-603a28e62dde6ed2aedb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
3 KB 367ms
362ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 04:46:43 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 17 May 2023 04:20:35 GMT
server: Lego Server
age: 2137204
etag: W/"64645613-2ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 16055554795313652737
accept-ranges: bytes
content-length: 2807
expires: Fri, 16 Jun 2023 11:06:41 GMT

GET
H2 200 9047-2d652cafc35943e20d62.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
5 KB 367ms
361ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9047-2d652cafc35943e20d62.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 14:35:03 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 12 Jun 2023 09:36:42 GMT
server: Lego Server
age: 0
etag: W/"6486e72a-38a5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14208619348556566577
accept-ranges: bytes
content-length: 4475
expires: Wed, 12 Jul 2023 14:35:03 GMT

GET
H2 200 3253-079293c535abc2a452b6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 22 KB
7 KB 369ms
363ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3253-079293c535abc2a452b6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 05:57:45 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 19 May 2023 10:42:40 GMT
server: Lego Server
age: 1589139
etag: W/"646752a0-57ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 7777310187111517765
accept-ranges: bytes
content-length: 6481
expires: Tue, 20 Jun 2023 20:32:07 GMT

GET
H2 200 1350-ccbe2b949cfdea577ff1.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
5 KB 369ms
363ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1350-ccbe2b949cfdea577ff1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 09:51:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 09 Jun 2023 10:07:26 GMT
server: Lego Server
age: 0
etag: W/"6482f9de-3614"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14830990628468355930
accept-ranges: bytes
content-length: 4649
expires: Mon, 10 Jul 2023 09:51:08 GMT

GET
H2 200 7754-d32784ee1900caafa06f.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 5 KB
2 KB 375ms
369ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7754-d32784ee1900caafa06f.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 350561b966752ef570c416aa9bd649dcc3c7b903fd5ba20c9375c7a713ef0d25

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 02:33:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 4877
server: Lego Server
age: 0
etag: W/"64755f86-130d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 13621203534493792006
accept-ranges: bytes
content-length: 2220
expires: Thu, 29 Jun 2023 02:33:52 GMT

GET
H2 200 2930-e57bfc69aee05a2179a5.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 204 KB
27 KB 368ms
362ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2930-e57bfc69aee05a2179a5.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 55bbfc861e7a701243f51f7e35b254b20ec854f162f6f9d37e68a75f90dfcbc8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:30:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 209275
server: Lego Server
age: 1
etag: W/"6492a402-3317b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 10105490581038609999
accept-ranges: bytes
content-length: 27887
expires: Fri, 21 Jul 2023 07:28:20 GMT

GET
H2 200 2996-02c93ea9f8ef187330a7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 92 KB
17 KB 370ms
364ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2996-02c93ea9f8ef187330a7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 14:35:06 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 12 Jun 2023 09:36:42 GMT
server: Lego Server
age: 0
etag: "6486e72a-16f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 11116107721004499006
accept-ranges: bytes
content-length: 16728
expires: Wed, 12 Jul 2023 14:35:06 GMT

GET
H2 200 7263-9483e4dd3cfab9dcfac3.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 197 KB
43 KB 369ms
363ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7263-9483e4dd3cfab9dcfac3.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2d7ffcc5150251cee54325976f95f3b844dd7ac7970eee86552ee9382a1a8fa8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Jun 2023 02:31:33 GMT
server: Lego Server
age: 0
etag: W/"649b9b85-31365"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15446003237014184920
accept-ranges: bytes
content-length: 44180
expires: Wed, 28 Jun 2023 03:23:33 GMT

GET
H2 200 3316-c2db2abb0c275a7040e2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
5 KB 369ms
364ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:04:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 50354
etag: W/"64950480-4663"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 279411512026967592
accept-ranges: bytes
content-length: 4488
expires: Wed, 26 Jul 2023 23:04:39 GMT

GET
H2 200 5269-1d0561d680f1a96c6cdf.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 239 KB
18 KB 370ms
365ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5269-1d0561d680f1a96c6cdf.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f3d9ef2604c7f5133d7096b134f0c873884577caf93cf6bc16833050afea301d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 May 2023 03:28:44 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 244558
server: Lego Server
age: 258
etag: W/"64643edc-3bb4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16236316523358629465
accept-ranges: bytes
content-length: 17801
expires: Fri, 16 Jun 2023 03:22:21 GMT

GET
H2 200 9063-6e02c0a21aa2efaf0666.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
4 KB 371ms
366ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9063-6e02c0a21aa2efaf0666.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 75211e639a6f958dbd73ff9d849f26e9dec1f621659360882f76dbb4a50bc503

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 02:41:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 11905
server: Lego Server
age: 0
etag: W/"64813ef4-2e81"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 793010567157580199
accept-ranges: bytes
content-length: 3777
expires: Sat, 08 Jul 2023 02:41:49 GMT

GET
H2 200 1145-33095e92bfe999492f55.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 21 KB
6 KB 369ms
364ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1145-33095e92bfe999492f55.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 69651768c0ed318d4a7feb3157ba5687433728fff0cb61f4ebd737142bcd8132

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 08:49:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:53 GMT
server: Lego Server
age: 0
etag: W/"64772381-54ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 18321064794239364132
accept-ranges: bytes
content-length: 5480
expires: Tue, 04 Jul 2023 08:49:57 GMT

GET
H2 200 entry-d357a1e9362d47394e70.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 47 KB
11 KB 371ms
365ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/common/entry-d357a1e9362d47394e70.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4a80b29c03942c5e6681b13019cc4d4fe2ea05e12038fda0e030b680ddbfdc1a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 47656
server: Lego Server
age: 0
etag: W/"64950480-ba28"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6179361041853139774
accept-ranges: bytes
content-length: 10835
expires: Sun, 23 Jul 2023 03:21:40 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/ 22 KB
6 KB 371ms
365ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c37abd9dc04c7337013980a8b65c81aa00207cbc8197aa136263684f1ca37233

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Jun 2023 02:31:33 GMT
server: Lego Server
age: 0
etag: W/"649b9b85-58a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1035023738231487451
accept-ranges: bytes
content-length: 6213
expires: Fri, 28 Jul 2023 03:23:22 GMT

GET
H2 200 _ssgManifest.js Show response
s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/ 77 B
263 B 375ms
369ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/_ssgManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Jun 2023 02:31:33 GMT
server: Lego Server
age: 0
etag: "649b9b85-4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4475004228431875124
accept-ranges: bytes
content-length: 77
expires: Fri, 28 Jul 2023 03:23:22 GMT

GET spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 0
0

GET
H2 200 ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 697ms
147ms Image
image/png 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 11:42:12 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:52 GMT
server: Lego Server
age: 0
etag: "64950490-b1f"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 18110898638435507282
accept-ranges: bytes
content-length: 2847

GET
H2 200 joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 1 KB
1 KB 696ms
146ms Image
image/svg+xml 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 14:34:13 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:16:08 GMT
server: Lego Server
age: 0
etag: "649ab6e8-4e7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 5657534680877764768
accept-ranges: bytes
content-length: 1255
expires: Thu, 27 Jul 2023 14:34:13 GMT

GET
H2 200 wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 7 KB
7 KB 742ms
192ms Image
image/svg+xml 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:04:58 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:16:08 GMT
server: Lego Server
age: 0
etag: W/"649ab6e8-1a5b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 525727633714182643
accept-ranges: bytes
content-length: 6747
expires: Thu, 27 Jul 2023 15:04:58 GMT

GET
H2 200 wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 697ms
147ms Image
image/png 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:57:25 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "64816246-bec"
content-type: image/png
x-nws-log-uuid: 2559884581505468282
accept-ranges: bytes
content-length: 3052
expires: Thu, 08 Jun 2023 08:02:25 GMT

GET
H2 200 pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
2 KB 697ms
147ms Image
image/png 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 17:23:19 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 06 Jun 2023 09:44:09 GMT
server: Lego Server
age: 0
etag: "647effe9-8c6"
content-type: image/png
x-nws-log-uuid: 7401394754402264005
accept-ranges: bytes
content-length: 2246

GET
H2 200 220941-thumbnail.jpg
s.isanook.com/wo/0/ud/44/220941/ 39 KB
39 KB 769ms
219ms Image
image/webp 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/220941/220941-thumbnail.jpg?ip/crop/w728h437/q80/webp

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d1b3f666dc137b2e28d18ce5dc569c442fd005f030b8ee12134d236d8a51b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:32:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/webp
x-nws-log-uuid: 6106479997257665414
accept-ranges: bytes
content-length: 39764

GET
H2 200 220941-20221224013343-e73b4b2.jpg
s.isanook.com/wo/0/ud/44/220941/ 70 KB
70 KB 394ms
389ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/220941/220941-20221224013343-e73b4b2.jpg?ip/resize/w728/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

1aaffaf23421624f140c74bf5abeb203fab96cf341796cd0d16fbebc2a6ee144

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:11:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 14740940476617298128
accept-ranges: bytes
content-length: 71625

GET
H2 200 220941-20221224013344-34810bb.jpg
s.isanook.com/wo/0/ud/44/220941/ 50 KB
50 KB 391ms
386ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/220941/220941-20221224013344-34810bb.jpg?ip/resize/w728/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

9ec2c32588fef4f65a2f3fa36dfc2c9142e6c9cbbf26c391e9858e2592c63703

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:11:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 8134038646160628836
accept-ranges: bytes
content-length: 50982

GET
H2 200 logo-sanook-n.svg
s.isanook.com/sr/0/images/ 11 KB
5 KB 681ms
131ms Image
image/svg+xml 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:31:06 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:16:12 GMT
server: Lego Server
age: 0
etag: W/"649ab6ec-2b18"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 8311105863984311469
accept-ranges: bytes
content-length: 4394
expires: Thu, 27 Jul 2023 17:31:06 GMT

GET
H2 200 prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 713ms
130ms Font
application/octet-stream 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:47:44 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:15:57 GMT
server: Lego Server
age: 0
etag: W/"649ab6dd-c8dc"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 1121052678114025514
accept-ranges: bytes
content-length: 51458
expires: Thu, 27 Jul 2023 19:47:44 GMT

GET
H2 200 SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
31 KB 857ms
276ms Font
font/woff2 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:54:06 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:40 GMT
server: Lego Server
age: 107738
etag: "64950484-7a90"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 2147424837028572225
accept-ranges: bytes
content-length: 31376
expires: Mon, 24 Jul 2023 05:54:06 GMT

GET
H2 200 prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 52 KB
52 KB 710ms
130ms Font
application/octet-stream 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:56:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 12 Jun 2023 09:36:46 GMT
server: Lego Server
age: 0
etag: W/"6486e72e-cf40"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 16473747735405721690
accept-ranges: bytes
content-length: 53090
expires: Wed, 12 Jul 2023 16:56:40 GMT

GET
H2 200 prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 856ms
276ms Font
font/woff2 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:44:20 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:39 GMT
server: Lego Server
age: 27849
etag: "64950483-c930"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 4385401373398995061
accept-ranges: bytes
content-length: 51504
expires: Tue, 25 Jul 2023 18:44:20 GMT

GET
H2 200 SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
32 KB 855ms
276ms Font
font/woff2 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 12:57:56 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:15:58 GMT
server: Lego Server
age: 0
etag: "649ab6de-7df4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 17306059061490809517
accept-ranges: bytes
content-length: 32244
expires: Thu, 27 Jul 2023 12:57:56 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 125 KB
49 KB 425ms
140ms Script
application/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

9163a6cffabb323a25f6d9ce6806368972f8f17a88ec4ba9e5aa0a92d5fa4fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 05:03:19 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ 3 KB
2 KB 419ms
140ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1687928598769&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&bttype=purchase&auid=710439222.1687928599&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1738581c7fbdaf8d87bf740f768fc04a0f3ba908967bb6fd12ece14b9ce38fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1688
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 3 KB
2 KB 418ms
146ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1687928598778&cv=11&fst=1687928598778&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&auid=710439222.1687928599&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

082a175e45ea74470f7bdc24248a3b1e080c60a81bd0aa432f51dc98680b1b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 220941-20221224013344-1c50750.jpg
s.isanook.com/wo/0/ud/44/220941/ 66 KB
66 KB 394ms
388ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/220941/220941-20221224013344-1c50750.jpg?ip/resize/w728/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

66ee380ca9f00e51527e09a44f0fbbd2a1979f8876d05d88b307b9f4a9e14537

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:11:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 3964702051338381398
accept-ranges: bytes
content-length: 67312

GET
H2 200 220941-20221224013344-5acdfd8.jpg
s.isanook.com/wo/0/ud/44/220941/ 59 KB
59 KB 408ms
402ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/220941/220941-20221224013344-5acdfd8.jpg?ip/resize/w728/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

1ea2cc1571eeea94445a1b48b53ab3df57be81ecffdf75728c8b42df8a8df284

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:11:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 3093470772806293238
accept-ranges: bytes
content-length: 60493

GET
H2 200 220941-20221224013345-1c91bb8.jpg
s.isanook.com/wo/0/ud/44/220941/ 79 KB
79 KB 408ms
403ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/220941/220941-20221224013345-1c91bb8.jpg?ip/resize/w728/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

4f7d10b03c85f1a4ae2112185a6091efbd2a47974484bb13d571829550a83297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:11:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 12668119884853672351
accept-ranges: bytes
content-length: 81117

GET
H2 200 sanook_70x200.jpg
s.isanook.com/wo/0/uc/0/1441/ 8 KB
9 KB 390ms
385ms Image
image/jpeg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/wo/0/uc/0/1441/sanook_70x200.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 49df687aafbcd68fee44ebf3a5d015dbc1249dc10a6af49e4b014dbf81c69aca

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 01:04:09 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 16 Oct 2019 17:10:50 GMT
server: Lego Server
age: 0
etag: "5da74f1a-215a"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 16701510900691712468
accept-ranges: bytes
content-length: 8538

GET
H2 200 winner_banner_read.png
s.isanook.com/sr/0/images/event-banner/2023/hbdproject/july/ 80 KB
80 KB 375ms
369ms Image
image/png 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/event-banner/2023/hbdproject/july/winner_banner_read.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ed53ed7e8cca61c3ec4d4cf06ff4d87a8d6ad73479289a9dae93b16c5add4208

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 23:54:39 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:57 GMT
server: Lego Server
age: 0
etag: "64950495-13ee8"
content-type: image/png
x-nws-log-uuid: 4985253091394199425
accept-ranges: bytes
content-length: 81640

GET
H2 200 221385-thumbnail.jpg
s.isanook.com/wo/0/ud/44/221385/ 11 KB
11 KB 390ms
385ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/221385/221385-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

afd19ac6383c3a445ce3e18fdda6aad74f8bd93dd0700f2442ce1de1fce7b21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 19:02:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 5474178474366276042
accept-ranges: bytes
content-length: 11204

GET
H2 200 229121-thumbnail.jpg
s.isanook.com/wo/0/ud/45/229121/ 21 KB
21 KB 464ms
459ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/45/229121/229121-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

0ac2654f733fb50a86eb7d31e0d9c33160779cfa74b584e458448872b95219cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 13:51:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 12603030661173200351
accept-ranges: bytes
content-length: 21338

GET
H2 200 214757-thumbnail.jpg
s.isanook.com/wo/0/ud/42/214757/ 22 KB
22 KB 465ms
460ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/42/214757/214757-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

7d66ae2517f0926f3321039a156a684edeb7debc7cc176af39749bc646691443

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 01:07:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 6253380072441293343
accept-ranges: bytes
content-length: 22037

GET
H2 200 218561-thumbnail.jpg
s.isanook.com/wo/0/ud/43/218561/ 12 KB
12 KB 466ms
461ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/43/218561/218561-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

f5beabe9074c8bc9408a13f51a663db1b47fe309d05c74cc32f960b7e353ddb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 08:14:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 18437620102293144779
accept-ranges: bytes
content-length: 11973

GET
H2 200 200197-thumbnail.jpg
s.isanook.com/wo/0/ud/40/200197/ 15 KB
15 KB 463ms
458ms Image
image/jpg 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/40/200197/200197-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

ff542034c21d041c9a0c20aaa35e02a9271fb89d475cfe6ce51c4216a51c2133

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 13:51:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 5020029116043172768
accept-ranges: bytes
content-length: 15557

GET
H2 200 candyblast_3.png
s.isanook.com/sr/0/images/game/gamecenter/ 185 KB
186 KB 443ms
438ms Image
image/png 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/game/gamecenter/candyblast_3.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3eda6d9d9ce8d34aeae4ef396eee0d3a79569b5527136de05938e3ff2f470093

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:08:42 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "647effe9-2e5d7"
content-type: image/png
x-nws-log-uuid: 14559246112095634446
accept-ranges: bytes
content-length: 189911
expires: Wed, 07 Jun 2023 11:13:42 GMT

GET
H2 200 1489944661112333 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 132ms
131ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

4475158a6db4d9f6acb7ff044c9ab87b433707a49404ca74e9806950bb565e3f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 05:03:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88177
x-xss-protection: 0
pragma: public
x-fb-debug: StROaptgd+DDk/ywMS7EevZFXnj/TxSNO1FbvVBkiqHn43Jmlx1gQqF5wCwDtm588Hye/8EF94jX/x1ox+IjmA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 goggen.php
lvs2.truehits.in.th/ 91 B
292 B 313ms
312ms Image
image/jpeg 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=griBnIa0tD2RnyMtXpmGMA%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=C1C5C918.1&fp=d&fv=-&truehitspage=sanook.women.entry&truehitsurl=https%3a//www.sanook.com/women/220941/&async=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:19 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ 537 B
587 B 500ms
201ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 07:15:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 17 May 2017 08:37:40 GMT
server: Lego Server
age: 0
etag: "591c0bd4-219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8721071842345852275
accept-ranges: bytes
content-length: 363
expires: Mon, 10 Jul 2023 07:15:33 GMT

GET
H2 200 spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 43 B
220 B 498ms
202ms Image
image/gif 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 01:56:59 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 08 Feb 2011 09:07:23 GMT
server: Lego Server
age: 0
etag: "4d5107cb-2b"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 18432038085730090184
accept-ranges: bytes
content-length: 43
expires: Sat, 08 Jul 2023 01:56:59 GMT

GET
H2 200 db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js Show response
s.isanook.com/sr/0/js/izooto/ 209 KB
54 KB 362ms
361ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 04:56:35 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 214388
server: Lego Server
age: 1965006
etag: W/"64645631-34574"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 17266626312021660712
accept-ranges: bytes
content-length: 54927
expires: Fri, 16 Jun 2023 11:01:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 475ms
195ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rl=&if=false&ts=1687928599268&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687928599267.2034102562&it=1687928599035&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 05:03:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 new.png
s.isanook.com/sr/0/images/game/ 4 KB
4 KB 387ms
387ms Image
image/png 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/game/new.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 92b90e6df7c880e709cfd70ad4e659609d5a1b898674fb8dd371083f790ba404

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:20:45 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:51 GMT
server: Lego Server
age: 0
etag: "6495048f-1052"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 9710685575914513083
accept-ranges: bytes
content-length: 4178

GET
H2 200 base-icon-v1.0.45.woff2
s.isanook.com/sr/0/fonts/icon/ 39 KB
40 KB 221ms
221ms Font
font/woff2 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.45.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 14642d9bda67d96a5291f33bb8c703967c8f2ac0214efe41b0c453aaa369cc6e

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 03:11:44 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:56 GMT
server: Lego Server
age: 0
etag: "64772384-9d84"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 6744843338552271616
accept-ranges: bytes
content-length: 40324
expires: Sun, 02 Jul 2023 03:11:44 GMT

GET
H2

200

/
www.google.ge/pagead/1p-conversion/1007499765/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww...
https://www.google.com/pagead/1p-conversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2...
https://www.google.ge/pagead/1p-conversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F...

42 B
108 B

159ms
158ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-conversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjRBRFh5S0JxemVtdFlBcElXbGVqU0tmbFVmeEZvUHVZbEJrNGdmc29OZ2h1VzFSdmFaLVVVQXEiEwiX_M2EmOX_AhUlwLsIHcEHBLQ&is_vtc=1&ocp_id=F7-bZNeUG6WA7_UPwY-QoAs&cid=CAQSKQBygQiDb4yvavwXCS_kJGM93V3Sr-Lfm-jhByXtvLxZNlVQHWzklpkN&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqNWh2lQtAsvN60IxzYHuseQmf1fgo_LqEI&random=1728568190&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ge/pagead/1p-conversion/1007499765/?random=1905098557&cv=11&fst=1687928598769&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjRBRFh5S0JxemVtdFlBcElXbGVqU0tmbFVmeEZvUHVZbEJrNGdmc29OZ2h1VzFSdmFaLVVVQXEiEwiX_M2EmOX_AhUlwLsIHcEHBLQ&is_vtc=1&ocp_id=F7-bZNeUG6WA7_UPwY-QoAs&cid=CAQSKQBygQiDb4yvavwXCS_kJGM93V3Sr-Lfm-jhByXtvLxZNlVQHWzklpkN&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqNWh2lQtAsvN60IxzYHuseQmf1fgo_LqEI&random=1728568190&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/408516141/ 42 B
455 B 432ms
146ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1687928598778&cv=11&fst=1687928400000&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&fmt=3&is_vtc=1&random=2331814599&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ge/pagead/1p-user-list/408516141/ 42 B
455 B 426ms
144ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-user-list/408516141/?random=1687928598778&cv=11&fst=1687928400000&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&fmt=3&is_vtc=1&random=2331814599&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 407ms
130ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 04:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1677
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 28 Jun 2023 06:35:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 155ms
154ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e91c5185cda7255c5e6d6b6a623e0a84ca59a48f335a237ebcb8dbac59994e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 05:03:19 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 2 MB
238 KB 403ms
129ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:19 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 09:15:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=27587
accept-ranges: bytes
content-length: 243421
expires: Wed, 28 Jun 2023 12:43:06 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame CAA0 0
202 B 241ms
194ms Document
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.sanook.com
Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.sanook.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:19 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 2481.dcf19fe8839f8737d536.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 4 KB
2 KB 129ms
129ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2481.dcf19fe8839f8737d536.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:14:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 09 Jun 2023 10:07:26 GMT
server: Lego Server
age: 1574496
etag: W/"6482f9de-ee2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 13555582662628666073
accept-ranges: bytes
content-length: 1444
expires: Sun, 09 Jul 2023 10:52:45 GMT

GET
H2 200 950.268be4686f34540c2906.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 97 KB
19 KB 142ms
141ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/950.268be4686f34540c2906.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9e06da0bcecb5c3543ff295850c81e14dc9e0b6e28cccf39dae72e88c2ae1a2d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 09:10:07 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 08 Jun 2023 05:08:07 GMT
server: Lego Server
age: 0
etag: W/"64816237-18451"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5771763906702337639
accept-ranges: bytes
content-length: 18878
expires: Sat, 08 Jul 2023 09:10:07 GMT

GET
H2 200 2437.9e6c8584339c5949c677.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 1 KB
982 B 150ms
130ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2437.9e6c8584339c5949c677.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:19:06 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:53 GMT
server: Lego Server
age: 0
etag: W/"64772381-586"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17739833966219840728
accept-ranges: bytes
content-length: 791
expires: Wed, 05 Jul 2023 17:19:06 GMT

GET
H2 200 responsive-voice-1.0.3.min.js Show response
s.isanook.com/sr/0/js/voice/ 90 KB
22 KB 130ms
130ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 19:56:44 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:34:07 GMT
server: Lego Server
age: 0
etag: "6495049f-16928"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4671464232251003563
accept-ranges: bytes
content-length: 22365
expires: Wed, 26 Jul 2023 19:56:44 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 131ms
131ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/4883-eaa47998e430c5efe9d8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

747f0cfa83704d88a357ae65f66caf40838ee2b939582f2e11a05ad9e678fa9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 05:03:20 GMT
content-md5: /RNMUtn/Rn6NhimqSA56ng==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: oDdx8x+dOnFUrkpfoe5Jytd/fELM9r3RyO3Tkx/BIYGNjrCK6itl99J66kGkX4eaa+DMDS+oXRvR8IYLtIMBqQ==
x-fb-content-md5: 6bffc93eed73d6f8710360975299657e
cross-origin-opener-policy: same-origin-allow-popups
etag: "7f9951ec3da825e6c8b52d0c16e5dd7b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Jun 2023 05:07:55 GMT

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame C49E 236 B
364 B 1257ms
1256ms Document
text/html 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 78
cache-control: no-cache, max-age=0
content-encoding: gzip
content-length: 186
content-type: text/html
date: Wed, 28 Jun 2023 05:02:02 GMT
server: Lego Server
vary: Accept-Encoding
x-cache-lookup: Cache Miss Cache Miss
x-nws-log-uuid: 14562942244998596090
x-page-speed: 1.13.35.2-0

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 1546ms
405ms Preflight 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getTrendingTags&variables=%7B%22position%22%3A%22HOROSCOPE_ENTRY_DEFAULT_VIDEO%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22fafa2ebba388db4754b1cdb5c5ca17123842d3c2cc2f8ea2e6f1d75377e2179d%22%7D%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Wed, 28 Jun 2023 05:03:21 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/sanook/ 678 KB
46 KB 651ms
367ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/6584-447a1b16d42a2945b19a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b67b9241c149408c77ef950995b405fb2254058f55d0b93dafb3a9e765ee4b20

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rVlwNZfY47rvVrboBzGAxq6O1wVOsELB
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:21 GMT
x-amz-request-id: E0V4K5SFG5MP5XZ2
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 46348
x-amz-id-2: cPEmJZ3tJfxkvWNzJd+P5hpFlIaHQDd+4hEUUPJ9q67Ecvu1QUkyQ9uNEIqDu4GP8r0VWSxZWdo=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 10:38:37 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928601.413709,VS0,VE232
etag: "bbcb174c8a3d3986c5dffabfa8a25981"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 abbreviationv2.min.json Show response
s.isanook.com/sr/0/textToSpeech/ 14 KB
3 KB 130ms
130ms XHR
application/json 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/textToSpeech/abbreviationv2.min.json?t=28062023
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 09:12:17 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:59 GMT
server: Lego Server
age: 7420
etag: "649a49a7-38e8"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5539147417440465469
accept-ranges: bytes
content-length: 2550
expires: Thu, 27 Jul 2023 09:12:17 GMT

GET
H2 200 cookiepolicy.png
s.isanook.com/sr/0/images/ 17 KB
17 KB 156ms
155ms Image
image/png 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 04:58:16 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:50 GMT
server: Lego Server
age: 0
etag: "6495048e-428b"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 16730237472736279334
accept-ranges: bytes
content-length: 17035

GET
H/1.1 200
OK sanook_trend Show response
sloth-api.sanook.com/api/ 662 B
1 KB 1785ms
405ms XHR
application/json 203.151.128.177
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sloth-api.sanook.com/api/sanook_trend?channel=women&t=468869
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.151.128.177 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 177.128.151.203.sta.inet.co.th
Software: nginx / Express
Resource Hash: bb9be29c53cd9ba53868db438577a847030688be6b5d77ffc309b154fcf58f96

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Response-Time: 2.710ms
Date: Wed, 28 Jun 2023 05:03:21 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"296-t7frZLjMkXotFoQ+500JYFWSYUc"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 662
Expires: Fri, 28 Jul 2023 05:03:21 GMT

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 701 B
1 KB 409ms
408ms Fetch
application/json 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

8c4b69c824c4178c36992112852830ad02e2a81511f8073d9e1cecc839ffecb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 28 Jun 2023 05:03:21 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
Server: nginx
ETag: W/"2bd-XktoHvinbOpjl6Xz0OAG8yPSPoY"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: HIT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 62E1 15 KB
6 KB 417ms
137ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 284584
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect
analytics.google.com/g/ 0
244 B 441ms
138ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je36q0&_p=1565226986&_gaz=1&cid=1184271674.1687928600&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&sid=1687928600&sct=1&seg=0&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_editor=Sanook%20API&ep.content_source=S!%20Women%20(Rewrite)&ep.content_category=home&ep.user_session_id=1687928599626.jtyah5s&ep.content_tag_primary=covid-19&ep.content_tag_secondary=%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19&ep.content_unique_id=220941&ep.content_editorial_type=editorial&ep.content_publication_date=2020-05-06&ep.content_publication_time=11%3A36&ep.content_partner=S!%20Women%20(Rewrite)&ep.content_number_of_characters=2491&ep.content_channel=women&ep.content_page_format=readpage&ep.content_tags=covid-19%2C%20%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%20pvc%2C%20%E0%B9%80%E0%B8%84%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%A5%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99%2C%20%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99&ep.content_type=article&ep.adblock_tracker=false&ep.article_read=1&upn.user_login=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 141ms
138ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=1184271674.1687928600&gtm=45je36q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ge/ads/ 42 B
63 B 141ms
141ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=1184271674.1687928600&gtm=45je36q0&aip=1&z=1857652714

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 402ms
132ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 01:20:22 GMT
content-encoding: gzip
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 13380
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: oTPkQC17VqtaZpyUM85iyfaAQnl3iiiBNvFa5fYQPgPUj3uT2r7roQ==

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ 8 KB
4 KB 460ms
142ms Script
application/javascript 184.28.181.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.28.181.176 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-181-176.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.20.2
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=503986
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3222
Expires: Tue, 04 Jul 2023 01:03:07 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 5353 4 KB
1 KB 252ms
81ms Document
text/html 104.18.216.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.216.65 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
age: 1859471
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7de361f96b4d2dcf-TBS
content-encoding: br
content-type: text/html
date: Wed, 28 Jun 2023 05:03:20 GMT
expires: Sat, 29 Jul 2023 05:03:20 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 144ms
142ms XHR
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1565226986&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ul=en-us&de=UTF-8&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAEK~&jid=1599719362&gjid=987492202&cid=1184271674.1687928600&tid=UA-8147095-6&_gid=1412767983.1687928600&_r=1&_slc=1&gtm=45He36q0n81PNXLXRS&cd1=Sanook%20API&cd2=S!%20Women%20(Rewrite)&cd3=home&cd4=0&cd12=1687928599627.ljxl9o6&cd13=covid-19&cd14=%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19&cd15=220941&cd16=editorial&cd17=2020-05-06&cd18=11%3A36&cd19=S!%20Women%20(Rewrite)&cd21=2491&cd22=women&cd23=readpage&cd33=covid-19%2C%20%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%20pvc%2C%20%E0%B9%80%E0%B8%84%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%A5%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99%2C%20%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99&cd34=article&cd35=S!%20Women%20(Rewrite)&cd36=home&cd43=0&cm5=1&z=1464205414

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 5 KB
980 B 395ms
131ms XHR
application/json 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fec1885fb0d6f6e49a8e02f66262fc9b7ce3b52a54d24c4574a6ce90d4cb4879

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:20 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 02:34:44 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: max-age=77475
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 578
expires: Thu, 29 Jun 2023 02:34:35 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
27 KB 522ms
248ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

09439d5fce9bc38ceac331e7da5d0a7bc2b88c88b9fe7e6bb12a006254632e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26841
x-xss-protection: 0
server: cafe
etag: 456 / 19536 / 31075705 / config-hash: 13728557897118412599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 416ms
138ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=1184271674.1687928600&jid=1599719362&gjid=987492202&_gid=1412767983.1687928600&_u=YADAAEAAQAAAACAEK~&z=1993395750

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

12033e73be050321fdc3d2756f9970c1423c57bd877e8c316cb023b67ecd34df

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Jun 2023 05:03:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 62E1 431 B
559 B 138ms
137ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8965d65e3e94312945cad97325a2f8fd48b24489ef0c84ca950d68f6b41a7859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1120642
expires: 0

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ 25 KB
25 KB 562ms
559ms Script
application/javascript 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:21 GMT
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25278
Expires: Fri, 28 Jul 2023 05:03:21 GMT

GET
H/1.1 200
OK c
sal.isanook.com/sa/ 35 B
355 B 886ms
311ms Image
image/gif 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=643656024&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&dp=%2Fwomen%2F220941%2F&ul=en-us&de=UTF-8&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=1064489419.1687928601&tid=SA-8147095-6&cd4=0&cd8=b&z=197715830
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:22 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 147ms
144ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=1184271674.1687928600&jid=1599719362&_u=YADAAEAAQAAAACAEK~&z=2088856160

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ge/ads/ 42 B
63 B 144ms
141ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=1184271674.1687928600&jid=1599719362&_u=YADAAEAAQAAAACAEK~&z=2088856160

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 269ms
130ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=99aed7db38b39329763f3e741adff2ca

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

5ae21c64bacbf4172043a14a53245ecd4b869070425c24344ef5e4d983b20a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 05:03:21 GMT
content-md5: 2Sk4Rap8ml8Ghsz4Pza24w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87282
x-fb-debug: ZSDNhIy+MMF3LjYYBkBqjfqlsuCJcJrqBrUJ7Wxv2FuLjBtiYkjdR2IEqes40PX+H7L+PQuGJi2NCtbSLgm6xA==
x-fb-content-md5: 9c72bf09cd91afb0c5fc9263a825456d
cross-origin-opener-policy: same-origin-allow-popups
etag: "6a4964397679155232ee72c851138cc0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 26 Jun 2024 23:06:33 GMT

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame C49E 3 KB
1 KB 131ms
130ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 776a28e191f05a078df0df129f85d0365d274ac128afd1342265570deac8aaf8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:58:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 3222
age: 363817
content-length: 1062
last-modified: Fri, 18 Nov 2016 04:14:33 GMT
server: Lego Server
etag: W/"PSA-aj-UwdRNtHGhk"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 3326563260496349664
accept-ranges: bytes
expires: Sat, 15 Jul 2023 18:27:19 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687928601602&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%...
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687928601602&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2...

0
226 B

133ms
133ms

Image
text/plain

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687928601602&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:21 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: zqqdIvIzefBAeP_ed4wJAhEBZyGUpEwc0zFIgey-Zw8BPH37kxbbVg==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 28 Jun 2023 05:03:21 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687928601602&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=
content-length: 0
x-amz-cf-id: FnISc3H93s3EPFTwmI44TAtbipWxxTIOC0_52cwbKohy--ZYGRz9pA==

GET
H2 200 load.js Show response
pm-widget.taboola.com/sanook/ 4 KB
2 KB 471ms
469ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/sanook/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d2af190c50b253938d0bd45e907ae7981359dc7224bbc020c518d449cadad09

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HOe39fuCUuh9CqTNSdLIDLcVEWV5wEWy
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 28 Jun 2023 05:03:22 GMT
x-amz-request-id: FCFFNQB0KZ1PDTCK
age: 0
x-cache: HIT, HIT
content-length: 1327
x-amz-id-2: YyCFKCQ+UOeEs2dcm/wf1izoIZFlnyNhbZr+vrYtXBlcxEeHJZtkXOqZ/xl3iJKq+X3Xuwd9GKI=
x-served-by: cache-bur-kbur8200067-BUR, cache-mxp6942-MXP
last-modified: Wed, 26 Apr 2023 05:52:19 GMT
server: AmazonS3
x-timer: S1687928602.914402,VS0,VE334
etag: "f22bfee2c00440a2593cbe45676c1fe0"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 impl.20230627-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 784 KB
163 KB 133ms
133ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7836c8ef8022b3852c8abe0e8a3a481d896ac1815b7b33b06feaa61ef7ac4f4f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3FczbS2wR46b.V_yJX7fwdpCggJLuLiz
content-encoding: br
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:21 GMT
x-amz-request-id: ZNYFSCTQTZSFZX2M
age: 12046
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 166066
x-amz-id-2: ebxKJ2QUdGMxgIwUo/1GRhz9eCWQ75TQk5lxMWO/d6diF92RqTniV8sdAEPeQ3dkDQVFDK1L4m8=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 09:42:35 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928602.912666,VS0,VE0
etag: "6ef5645890f0d35ca288ceb58c882e9a"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 8773

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 441ms
409ms Preflight 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22women%22%2C%22entryId%22%3A%22220941%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2282896c022500aca939eee159f786a22c48d36151b904f6abac81125e9e4fbacb%22%7D%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,xpurge
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Wed, 28 Jun 2023 05:03:22 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 216 B
860 B 428ms
428ms Fetch
application/json 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

ab935e06ab36047954ec11bfc6677db2c06bf64a0b6ab0b0566004e2ef5bcc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
XPURGE: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 28 Jun 2023 05:03:22 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
Server: nginx
ETag: W/"d8-pijFInCuKNeVMFRKZdE6AneOTlY"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: BYPASS
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 149ms
149ms Script
application/javascript 184.28.181.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.28.181.176 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-181-176.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1090232
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6407
Expires: Mon, 10 Jul 2023 19:53:54 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 294ms
144ms Script
application/javascript 184.28.181.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.28.181.176 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-181-176.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.2
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1263853
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Wed, 12 Jul 2023 20:07:35 GMT

GET
H/1.1 200
OK / Show response
www.sanook.com/video/embed/clip/1537276/ Frame 6010 29 KB
11 KB 456ms
456ms Document
text/html 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

3a3708ae57e8e85f42e94cd40dc4e8dfd2c6fae3ec52d67b35e19237f450084f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Referer: https://www.sanook.com/women/220941/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Jun 2023 05:03:22 GMT
Proxy-Cache-Status: HIT
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

GET
H2 200 like.php Show response
www.facebook.com/v2.9/plugins/ Frame 2EBE 51 KB
18 KB 388ms
388ms Document
text/html 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fd02278eaba9%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff7ab130de26838%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookwomen%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=99aed7db38b39329763f3e741adff2ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

4d78dbde982addc92e11e80a520cfc7b5fc849346821ca7bd668bccfac21d4d2

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:22 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: EXccDScPXjVE7KMMlMUo15346dNr2iA/+wRVFgLRmVsyhaU5mw5hGOD1vr/IlyODdF2RfbrFAx2hV4YqUNfLnw==
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ 73 B
313 B 137ms
137ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1ed6dbf78873f431131c57bceef419d33c140c1c1e20b5235f0015f8cf5192a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:21 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 861665
expires: 60

GET
H2 200 json Show response
trc.taboola.com/sanook/trc/3/ 88 KB
24 KB 1116ms
1107ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sanook/trc/3/json?tim=05%3A03%3A22.177&lti=deflated&data=%7B%22id%22%3A114%2C%22ii%22%3A%22%2Fwomen%2F220941%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1687862304805%2C%22vi%22%3A1687928602174%2C%22cv%22%3A%2220230627-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F%22%2C%22vpi%22%3A%22%2Fwomen%2F220941%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9058%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A9057.671875%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fwomen%2F220941%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ec0877d3ebac0139432fad7a7a93c900087db3c391de08c1b0d73d650952eb8

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 960
date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 75075
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-mxp6942-MXP
server: nginx
x-timer: S1687928602.274485,VS0,VE960
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/sanook/log/3/ 0
246 B 453ms
149ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/sanook/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 392 KB
125 KB 401ms
129ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 10:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66414
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 10:36:28 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
726 B 1517ms
373ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: c3ef41a7b2711db4fe8004949f24349f5235b029705b22c8a5f9194bd8cef5c1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 05:03:23 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 pmk-20220605.23.js Show response
pm-widget.taboola.com/sanook/ 115 KB
31 KB 151ms
151ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/sanook/pmk-20220605.23.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/sanook/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35ca42e2853ea433b5c3a2e4d2f159a54d0b3133d0b54d37f40b85e6d4c51aa9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yu2AxphjsPa18q60m4PdzQZaVZxlqMYU
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 28 Jun 2023 05:03:22 GMT
x-amz-request-id: 149FKES8V2E4RZJA
age: 1863128
x-cache: HIT, HIT
content-length: 31816
x-amz-id-2: Q52iLml235c9UUfWI7f2OWLoQxQweF5okJVp7aWD55siatMyVe+aXdCWK7XYoSI28K6RyE71xiE=
x-served-by: cache-bur-kbur8200037-BUR, cache-mxp6942-MXP
last-modified: Wed, 26 Apr 2023 05:52:18 GMT
server: AmazonS3
x-timer: S1687928602.388841,VS0,VE11
etag: "0f4ca938da8176a4da0d0c7a78de9f9a"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 426, 1

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ Frame 6010 1 KB
748 B 130ms
129ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 12:24:14 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 1087
server: Lego Server
age: 22075
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13947092437877425228
accept-ranges: bytes
content-length: 550
expires: Mon, 08 May 2023 12:24:14 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 6010 126 KB
41 KB 153ms
153ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Jun 2023 05:03:22 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ Frame 6010 375 B
410 B 133ms
129ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:15:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 28 Nov 2013 06:56:15 GMT
server: Lego Server
age: 749732
etag: "5296e90f-177"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4109269810150647118
accept-ranges: bytes
content-length: 266
expires: Tue, 06 Jun 2023 18:15:34 GMT

GET
H2 200 bc1a5e788a33746f4adc.css
s.isanook.com/sr/0/_next/static/css/ Frame 6010 42 KB
9 KB 130ms
130ms Stylesheet
text/css 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/bc1a5e788a33746f4adc.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 15:38:17 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 06 Jun 2023 09:43:57 GMT
server: Lego Server
age: 125900
etag: W/"647effdd-a6ad"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11763520380310679364
accept-ranges: bytes
content-length: 8901
expires: Fri, 07 Jul 2023 15:38:17 GMT

GET
H2 200 webpack-c785922bccc4816522cc.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 9 KB
5 KB 136ms
131ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a687719cfe27e33b9d4c5dbf769cb12c0981fab940fd8a9e3ca78515e98e8ada

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 02:33:15 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9093
server: Lego Server
age: 0
etag: W/"649a498f-2385"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14576019677760437491
accept-ranges: bytes
content-length: 4521
expires: Thu, 27 Jul 2023 02:33:15 GMT

GET
H2 200 framework-bccd505f411f10b308c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 147 KB
47 KB 136ms
131ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 11:03:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 10:15:54 GMT
server: Lego Server
age: 0
etag: W/"649ab6da-24b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9868522455091277908
accept-ranges: bytes
content-length: 47794
expires: Thu, 27 Jul 2023 11:03:08 GMT

GET
H2 200 main-bcf4d111f618a82e6a4e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 75 KB
24 KB 136ms
131ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/main-bcf4d111f618a82e6a4e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 18:15:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 60953
etag: W/"64950480-12af2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14574765894614431390
accept-ranges: bytes
content-length: 24854
expires: Mon, 26 Jun 2023 18:15:24 GMT

GET
H2 200 _app-dd35ddff6c3a8a09f528.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/ Frame 6010 556 KB
152 KB 136ms
131ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3f32099b59e873a57587a20c99cfd8d1f5c60081add4d50b9ff6ce25bd3cd0b5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 569192
server: Lego Server
age: 0
etag: W/"649b9b87-8af68"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 10262092511068689369
accept-ranges: bytes
content-length: 154922
expires: Fri, 28 Jul 2023 03:23:22 GMT

GET
H2 200 7918-3bbc8a6036bbcdb09d83.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 29 KB
8 KB 136ms
132ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7918-3bbc8a6036bbcdb09d83.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 May 2023 02:33:54 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 30 May 2023 02:29:27 GMT
server: Lego Server
age: 2
etag: W/"64755f87-7567"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14659444128859647095
accept-ranges: bytes
content-length: 7999
expires: Thu, 29 Jun 2023 02:33:53 GMT

GET
H2 200 8229-a3ffb213d38ea4b85bad.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 29 KB
7 KB 136ms
132ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8229-a3ffb213d38ea4b85bad.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:18:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 10:37:52 GMT
server: Lego Server
age: 0
etag: W/"64772380-7506"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8566150747746501165
accept-ranges: bytes
content-length: 6889
expires: Wed, 05 Jul 2023 05:18:57 GMT

GET
H2 200 9669-b56602280eb9384c191d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 13 KB
5 KB 137ms
132ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 03:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:35 GMT
server: Lego Server
age: 2287173
etag: W/"649a498f-35e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16655439891772216169
accept-ranges: bytes
content-length: 4715
expires: Tue, 27 Jun 2023 03:46:47 GMT

GET
H2 200 1354-e6e263fd45386d27bc3d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 50 KB
17 KB 186ms
182ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 00:45:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-c680"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13709037219687199482
accept-ranges: bytes
content-length: 17204
expires: Thu, 27 Jul 2023 00:45:24 GMT

GET
H2 200 2962-603a28e62dde6ed2aedb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 12 KB
3 KB 186ms
181ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 04:46:43 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 17 May 2023 04:20:35 GMT
server: Lego Server
age: 2137204
etag: W/"64645613-2ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 12042080784932322649
accept-ranges: bytes
content-length: 2807
expires: Fri, 16 Jun 2023 11:06:41 GMT

GET
H2 200 9047-2d652cafc35943e20d62.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 14 KB
5 KB 186ms
182ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9047-2d652cafc35943e20d62.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 14:35:03 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 12 Jun 2023 09:36:42 GMT
server: Lego Server
age: 0
etag: W/"6486e72a-38a5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5270735675780226096
accept-ranges: bytes
content-length: 4475
expires: Wed, 12 Jul 2023 14:35:03 GMT

GET
H2 200 3253-079293c535abc2a452b6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 22 KB
7 KB 186ms
182ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3253-079293c535abc2a452b6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 05:57:45 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 19 May 2023 10:42:40 GMT
server: Lego Server
age: 1589139
etag: W/"646752a0-57ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 3076558952254357618
accept-ranges: bytes
content-length: 6481
expires: Tue, 20 Jun 2023 20:32:07 GMT

GET
H2 200 1350-ccbe2b949cfdea577ff1.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 14 KB
5 KB 190ms
186ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1350-ccbe2b949cfdea577ff1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 09:51:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 09 Jun 2023 10:07:26 GMT
server: Lego Server
age: 0
etag: W/"6482f9de-3614"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3580658807683578627
accept-ranges: bytes
content-length: 4649
expires: Mon, 10 Jul 2023 09:51:08 GMT

GET
H2 200 391-d65bd606af1dec261c9c.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 14 KB
5 KB 187ms
183ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/391-d65bd606af1dec261c9c.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c78f30eae1c546abce28fb3253e8e32612aa206d67c02049b35506691a77ec7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 02:14:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 09 Jun 2023 10:07:26 GMT
server: Lego Server
age: 0
etag: W/"6482f9de-385d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13643245482670886646
accept-ranges: bytes
content-length: 5053
expires: Tue, 11 Jul 2023 02:14:57 GMT

GET
H2 200 2930-e57bfc69aee05a2179a5.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 204 KB
27 KB 187ms
183ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2930-e57bfc69aee05a2179a5.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 55bbfc861e7a701243f51f7e35b254b20ec854f162f6f9d37e68a75f90dfcbc8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:30:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 209275
server: Lego Server
age: 1
etag: W/"6492a402-3317b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6128866816179903448
accept-ranges: bytes
content-length: 27887
expires: Fri, 21 Jul 2023 07:28:20 GMT

GET
H2 200 2996-02c93ea9f8ef187330a7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 92 KB
17 KB 186ms
183ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2996-02c93ea9f8ef187330a7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 14:35:06 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 12 Jun 2023 09:36:42 GMT
server: Lego Server
age: 0
etag: "6486e72a-16f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 17254034603461593775
accept-ranges: bytes
content-length: 16728
expires: Wed, 12 Jul 2023 14:35:06 GMT

GET
H2 200 7263-9483e4dd3cfab9dcfac3.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 197 KB
43 KB 185ms
182ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7263-9483e4dd3cfab9dcfac3.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2d7ffcc5150251cee54325976f95f3b844dd7ac7970eee86552ee9382a1a8fa8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Jun 2023 02:31:33 GMT
server: Lego Server
age: 0
etag: W/"649b9b85-31365"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6346133688255072099
accept-ranges: bytes
content-length: 44180
expires: Wed, 28 Jun 2023 03:23:33 GMT

GET
H2 200 3316-c2db2abb0c275a7040e2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 18 KB
5 KB 185ms
182ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:04:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 50354
etag: W/"64950480-4663"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11426618158215156554
accept-ranges: bytes
content-length: 4488
expires: Wed, 26 Jul 2023 23:04:39 GMT

GET
H2 200 8817-667afea6b4063b7df2e9.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 14 KB
4 KB 186ms
182ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8817-667afea6b4063b7df2e9.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 991b8b544ad11ad8176e3fc1287058425715839ab4c534e61bdc4cd882ea2fee

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 06:29:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 14499
server: Lego Server
age: 0
etag: W/"64880b39-38a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 2353114984571495189
accept-ranges: bytes
content-length: 3848
expires: Thu, 13 Jul 2023 06:29:02 GMT

GET
H2 200 695-62c72b2d35df86fa20fb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 16 KB
5 KB 190ms
187ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/695-62c72b2d35df86fa20fb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7f68ee2786c79a1fa01d4a0f41300e20597ae64bb3604fa6441b594ab9ad3353

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:28:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16640
server: Lego Server
age: 0
etag: W/"6492a402-4100"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 1100446470692180946
accept-ranges: bytes
content-length: 5237
expires: Fri, 21 Jul 2023 07:28:23 GMT

GET
H2 200 embed-video-detail-06cfcb98b228afc031c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/channels/video/ Frame 6010 10 KB
4 KB 189ms
186ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/channels/video/embed-video-detail-06cfcb98b228afc031c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5834100b74df5b33141bade07e3c6cc1de333768ad6dfe8f11504c01523d7e94

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:28:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 10601
server: Lego Server
age: 0
etag: W/"6492a403-2969"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 11087270323933589360
accept-ranges: bytes
content-length: 3733
expires: Fri, 21 Jul 2023 07:28:23 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/ Frame 6010 22 KB
6 KB 186ms
183ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c37abd9dc04c7337013980a8b65c81aa00207cbc8197aa136263684f1ca37233

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Jun 2023 02:31:33 GMT
server: Lego Server
age: 0
etag: W/"649b9b85-58a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8622862543041502452
accept-ranges: bytes
content-length: 6213
expires: Fri, 28 Jul 2023 03:23:22 GMT

GET
H2 200 _ssgManifest.js Show response
s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/ Frame 6010 77 B
321 B 190ms
187ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/Fd6S4s2m299Jv9sKCK_yd/_ssgManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:23:22 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 28 Jun 2023 02:31:33 GMT
server: Lego Server
age: 0
etag: "649b9b85-4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3210106752843912356
accept-ranges: bytes
content-length: 77
expires: Fri, 28 Jul 2023 03:23:22 GMT

GET
H2 200 spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ Frame 6010 43 B
220 B 193ms
191ms Image
image/gif 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 01:56:59 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 08 Feb 2011 09:07:23 GMT
server: Lego Server
age: 0
etag: "4d5107cb-2b"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12518464971534290030
accept-ranges: bytes
content-length: 43
expires: Sat, 08 Jul 2023 01:56:59 GMT

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ Frame 6010 537 B
551 B 189ms
186ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 07:15:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 17 May 2017 08:37:40 GMT
server: Lego Server
age: 0
etag: "591c0bd4-219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4167773729449048584
accept-ranges: bytes
content-length: 363
expires: Mon, 10 Jul 2023 07:15:33 GMT

GET
H2 200 db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js Show response
s.isanook.com/sr/0/js/izooto/ Frame 6010 209 KB
54 KB 189ms
187ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 04:56:35 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 214388
server: Lego Server
age: 1965006
etag: W/"64645631-34574"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 16030328150812332647
accept-ranges: bytes
content-length: 54927
expires: Fri, 16 Jun 2023 11:01:25 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 6010 225 KB
73 KB 150ms
149ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4da184569357566a9c9ed2eb6c8e143f4bef95e9ac567d72df5e31ee47d2b351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74580
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jun 2023 05:03:22 GMT

GET
H/1.1 200
OK a102.js Show response
sal.isanook.com/js/ Frame 6010 23 KB
24 KB 312ms
311ms Script
application/javascript 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:22 GMT
Last-Modified: Mon, 10 Aug 2020 09:23:14 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24035
Expires: Fri, 28 Jul 2023 05:03:22 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6010 170 KB
46 KB 136ms
134ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 05:03:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: 4caDmrOzgavNYdR14V9iWPEMpLJxhE2U+AHWpFgXEhji/FLXS+pPmnJRiaEpqMfIufCzMBFVe8bRk/Y/6Z/FCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 UQEWgAUyr7Z.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/ Frame 2EBE 517 KB
134 KB 132ms
131ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/UQEWgAUyr7Z.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fd02278eaba9%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff7ab130de26838%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookwomen%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

21a1f91c8fc410da7a83086287557260103aec19581bdc9b8331243779367451

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L0DhG8QBDrD/kKTObD8rvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136539
x-fb-debug: VDKeYhEY6kOQ861/yhLFdTnilJ6/cmxj74f8i6hkMP7EKdPCw2IZh8TvebQ9rQNXW3qVjMrPCrSw6h2tbF3+xQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 26 Jun 2024 03:20:15 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 2EBE 299 B
575 B 131ms
130ms Image
image/png 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:22 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-debug: ic88XuOJtGkNz7JR1RYJ+/0Or9Cd3Jkxw8ha1Zq5u8+20e7YKcz26wkrACXrlssewZLN8ZIzbvgz7Ibtpl2jUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 20 Jun 2024 22:19:58 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ Frame 6010 2 MB
238 KB 129ms
129ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:22 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 09:15:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=27584
accept-ranges: bytes
content-length: 243421
expires: Wed, 28 Jun 2023 12:43:06 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 6010 4 KB
2 KB 132ms
132ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 01:20:22 GMT
content-encoding: gzip
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 13381
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: YgNiiK-RFLqM_UZPKSAjPBP9alTMX4Jmdav4u3B98CzwqsVbyA5E7w==

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame FFD2 236 B
359 B 1531ms
1531ms Document
text/html 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-cache, max-age=0
content-encoding: gzip
content-type: text/html
date: Wed, 28 Jun 2023 05:03:24 GMT
server: Lego Server
vary: Accept-Encoding
x-cache-lookup: Cache Miss Cache Miss
x-nws-log-uuid: 335792796115692032
x-page-speed: 1.13.35.2-0

GET
H2 200 6066-d50250a536141f89d39a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 37 KB
10 KB 130ms
130ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 07:29:09 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 13 Jun 2023 06:22:49 GMT
server: Lego Server
age: 0
etag: W/"64880b39-95e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17883245861079045096
accept-ranges: bytes
content-length: 9981
expires: Thu, 13 Jul 2023 07:29:09 GMT

GET
H2 200 905ababb31917acf0113.css
s.isanook.com/sr/0/_next/static/css/ Frame 6010 47 KB
13 KB 132ms
131ms Stylesheet
text/css 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/905ababb31917acf0113.css
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6573600e0b8e8846b336b6bdd25cf29487f066ed5960befe0a17e9a1d74e6081

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:23 GMT
server: Lego Server
age: 0
etag: W/"6492a403-bc92"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 658091064318223632
accept-ranges: bytes
content-length: 13298
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H2 200 165-175f1657a2ec88c9f4dd.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 19 KB
5 KB 132ms
132ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/165-175f1657a2ec88c9f4dd.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f2e467708bf33042629c5ea99418aeb1c3026a41851f320d6dd309c26b667ed

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:28:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 19705
server: Lego Server
age: 0
etag: W/"6492a401-4cf9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 629258535088353594
accept-ranges: bytes
content-length: 5113
expires: Fri, 21 Jul 2023 07:28:24 GMT

GET
H2 200 741.14cc4ed0facf93e50925.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame 6010 16 KB
6 KB 132ms
131ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/741.14cc4ed0facf93e50925.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-c785922bccc4816522cc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5254ef619ea505e932d4cd0a9a1e4bb2b9520dfde31099e8427b491b3b9dad87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:23 GMT
server: Lego Server
age: 0
etag: W/"6492a403-3e5c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8183262256526738097
accept-ranges: bytes
content-length: 5627
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ Frame 6010 25 KB
25 KB 556ms
555ms Script
application/javascript 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:22 GMT
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25278
Expires: Fri, 28 Jul 2023 05:03:22 GMT

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ Frame 6010 8 KB
4 KB 147ms
147ms Script
application/javascript 184.28.181.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.28.181.176 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-181-176.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.20.2
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=503985
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3222
Expires: Tue, 04 Jul 2023 01:03:07 GMT

GET
H3 200 1489944661112333 Show response
connect.facebook.net/signals/config/ Frame 6010 300 KB
86 KB 141ms
139ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

4475158a6db4d9f6acb7ff044c9ab87b433707a49404ca74e9806950bb565e3f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 05:03:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88177
x-xss-protection: 0
pragma: public
x-fb-debug: StROaptgd+DDk/ywMS7EevZFXnj/TxSNO1FbvVBkiqHn43Jmlx1gQqF5wCwDtm588Hye/8EF94jX/x1ox+IjmA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 438ms
143ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=35128363585

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 436ms
144ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=1399296544

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 435ms
145ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=1004129813

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 422ms
132ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=331
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 411ms
132ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=850
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 403ms
145ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=61098976056

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 455ms
197ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=245
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 445ms
168ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

c4a27ee312943a0da319a5c3ffc038424873954f22bb5203a41620b2d8c44d18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6JPGEV8r-cX0v3B8wI5knA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-6JPGEV8r-cX0v3B8wI5knA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 6010 0
319 B 131ms
131ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687928602948&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&c8=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed%20Video&c9=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 3aVNxtpAQjj4ULovXxBD_N2WoQmabmtxc07SIJj8PUzdM5rDQecuew==
x-cache: Miss from cloudfront

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ Frame 6010 5 KB
980 B 132ms
131ms XHR
application/json 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fec1885fb0d6f6e49a8e02f66262fc9b7ce3b52a54d24c4574a6ce90d4cb4879

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 02:34:44 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: max-age=77472
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 578
expires: Thu, 29 Jun 2023 02:34:35 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6010 85 KB
27 KB 211ms
211ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4c3eda48e1bef3d279a49a60e5c561301b795d120557aaa8505501d81c8bce8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27626
x-xss-protection: 0
server: cafe
etag: 87 / 19536 / m202306220101 / config-hash: 13728557897118412599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:23 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 6010 125 KB
48 KB 139ms
139ms Script
application/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

9163a6cffabb323a25f6d9ce6806368972f8f17a88ec4ba9e5aa0a92d5fa4fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 05:03:23 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ Frame 6010 3 KB
2 KB 140ms
138ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1687928603017&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&value=0&bttype=purchase&auid=710439222.1687928599&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

49882d4c608390a68db3bc5b2cd2ae75c71b170ff0f2763b57e87686d8bc7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1704
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ Frame 6010 3 KB
1 KB 149ms
148ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1687928603021&cv=11&fst=1687928603021&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&auid=710439222.1687928599&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

b69375931b746ba3f1efd882ecbc0ed69bda0b4eacfcbdf90c3b36fe0dc68d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 videojs.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame 6010 545 KB
164 KB 130ms
129ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 93191b26f0c23a09a2fabf5e0d71815caab853f55f7ffd3d9b053d7703fadfec

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-88408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7642413140903240678
accept-ranges: bytes
content-length: 167762
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6010 361 KB
121 KB 421ms
148ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Wed, 28 Jun 2023 05:03:23 GMT

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame 6010 20 KB
7 KB 150ms
150ms Script
application/javascript 184.28.181.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.28.181.176 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-181-176.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1090231
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6407
Expires: Mon, 10 Jul 2023 19:53:54 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ Frame 6010 8 KB
3 KB 131ms
131ms Script
application/javascript 184.28.181.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.28.181.176 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-181-176.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.2
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1263852
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Wed, 12 Jul 2023 20:07:35 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 6010 0
18 B 132ms
132ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&rl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&if=true&ts=1687928603135&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687928599267.2034102562&it=1687928602854&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 05:03:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3

200

/
www.google.ge/pagead/1p-conversion/1007499765/ Frame 6010
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww...
https://www.google.com/pagead/1p-conversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2...
https://www.google.ge/pagead/1p-conversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F...

42 B
64 B

148ms
147ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-conversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjREWXVOS3BfUFdUYmRyNTc0Mm0zS3BiN1g0MHJNQ21IdW9ncllvN2U4aC1vTkJ2V2ZqVDhWMm4iEwjQq6yGmOX_AhWV0bsIHSgtB-w&is_vtc=1&ocp_id=G7-bZJCyBZWj7_UPqNqc4A4&cid=CAQSKQBygQiDbcVWndpgpTNHFAkDMFzSQG0Icx6csGy8XLm78SBZTVtWK7AL&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqOQIeqkB9HyKIKkaDIYtZgPKh4ykeHBQQ0&random=2055897092&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ge/pagead/1p-conversion/1007499765/?random=1936137015&cv=11&fst=1687928603017&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&value=0&auid=710439222.1687928599&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEpIcXBBWVExZkt5bDcyRi1MYnRBUklsQU45ZlFycFhodUNPdlRZeWpnYmpvMzhjNUZyRDJRUDMxQkx6bVoxRlh2RFlVb0FiUlEaWENoRUk4SkhxcEFZUXByaW9rYVBna3BEWkFSSXRBR0pnSjREWXVOS3BfUFdUYmRyNTc0Mm0zS3BiN1g0MHJNQ21IdW9ncllvN2U4aC1vTkJ2V2ZqVDhWMm4iEwjQq6yGmOX_AhWV0bsIHSgtB-w&is_vtc=1&ocp_id=G7-bZJCyBZWj7_UPqNqc4A4&cid=CAQSKQBygQiDbcVWndpgpTNHFAkDMFzSQG0Icx6csGy8XLm78SBZTVtWK7AL&eitems=ChEI8JHqpAYQ-u6G6J3B5NfdARIdANK3YqOQIeqkB9HyKIKkaDIYtZgPKh4ykeHBQQ0&random=2055897092&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/408516141/ Frame 6010 42 B
64 B 149ms
148ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1687928603021&cv=11&fst=1687928400000&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&fmt=3&is_vtc=1&random=1089202549&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ge/pagead/1p-user-list/408516141/ Frame 6010 42 B
64 B 143ms
143ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-user-list/408516141/?random=1687928603021&cv=11&fst=1687928400000&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=1&tiba=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed&fmt=3&is_vtc=1&random=1089202549&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6010 52 KB
21 KB 128ms
127ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 04:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1681
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 28 Jun 2023 06:35:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6010 241 KB
83 KB 147ms
146ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3d65d402bfd2d40e6f69dc563fa6dc454bbbff49c4601c8fd9a9e4179d16d6f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 05:03:23 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ Frame 6010 59 B
726 B 1487ms
371ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: d435ab5b315fa05b5ec2875afe20287bbfd930a91185fefc35dba18c1ef2722c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 05:03:24 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ Frame 6010 393 KB
125 KB 131ms
130ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 12:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60426
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127939
x-xss-protection: 0
server: cafe
etag: 10569078359274256513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 12:16:17 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 133ms
130ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=130
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 138ms
135ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 139ms
137ms Image
image/gif 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 22 Jun 2024 05:03:23 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 138ms
136ms Image
image/gif 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 22 Jun 2024 05:03:23 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 137ms
136ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 137ms
136ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 05:03:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 137ms
135ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 app-install-v3.js Show response
cdn.taboola.com/demand-formats/app-install-v3/ 5 KB
2 KB 136ms
134ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/app-install-v3/app-install-v3.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49388d71763e0cd0a0c7489561fd837dc39069c6273f049f2f25775b023121b3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 2rjMAREvE1QGUj8OxtRZN2GVRjfKZMY.
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: N2F5347PC491DPFY
age: 28476
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1406
x-amz-id-2: Xipzj63KvIAZJ8BCyKQrehzH7PJ3GLJ5Gw+oMkHly5m5OnoOm0FKK+IIkz/JVB344dIAqxUKIow=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 13:08:31 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928603.469232,VS0,VE0
etag: "10226671163992d097d58425256f2f3d"
vary: Accept-Encoding
content-type: application/javascript
abp: 16
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 4382

GET
H2 200 app-install-v3.css
cdn.taboola.com/demand-formats/app-install-v3/ 9 KB
2 KB 137ms
136ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/app-install-v3/app-install-v3.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7fa57c0d35ae39ac4987d2e8c46206616245c2dd1f8f75e848bc58c235e12ce

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gc0m9hltiimDy.Ve9hpildYbvs8hsvcz
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: 87Z2FVZ0PECQ14T2
age: 28478
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1509
x-amz-id-2: Np3CSbTOmbQCseE0wgerQ+CKC39lb0Dq8o+pL1DK6UGbnDv9LcSYZ2ClNp7/6rF8YuI/Dl6qeBc=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 13:08:31 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928603.469258,VS0,VE0
etag: "9a3d8d4b9a1a96d0d0d87e8dcdbf16b9"
vary: Accept-Encoding
content-type: text/css
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 4387

GET
H2 200 em-different-fonts.js Show response
cdn.taboola.com/ui-ab-tests/em-different-fonts/ 1 KB
1013 B 134ms
133ms Script
application/x-javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75a4652125853a945a31d2262da42d0bbc892271ee28a53d4db1a02b2bce05ca

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fYsNM7sHF7dwBD3hBYbpYek88ufRH0GY
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: T31V5EAY7VECQ8FA
age: 28556
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 627
x-amz-id-2: lrPe+Bzf3IN/irVU/fFvlAhA8lJhhMad5sTNO8UQ+p3kIzoEtsZhkzOzFqA2Nx7H+OxPvf/2CkM=
x-served-by: cache-mxp6942-MXP
last-modified: Wed, 21 Jun 2023 12:55:19 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928603.469149,VS0,VE0
etag: "1ba718852eb7091aef085dfe7cc6b306"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 13
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 7399

GET
H2 200 em-different-fonts.css
cdn.taboola.com/ui-ab-tests/em-different-fonts/ 904 B
549 B 137ms
137ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afd8f0857ea78c5062357999db000e31d7469b088ff8eb6bdb5f6842d552d9cc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZLIDsz8dyG0OBqsDRdkkA7jd8r8qFgLw
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: C9DVT9ZC4J3J9H94
age: 347
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 212
x-amz-id-2: fDr9lqafDxbVfjPFV0igy27H01bcabuTqAJa/oZbEm8xlW9c7Kr3uHqaSHAX45o+hn2NInGuQq0=
x-served-by: cache-mxp6942-MXP
last-modified: Wed, 21 Jun 2023 12:55:17 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928603.469183,VS0,VE0
etag: "e1534bdf46e0bf286e2dda06c6237e86"
vary: Accept-Encoding
content-type: text/css
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 197

GET
H2 200 feed-card-placeholder.20230627-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 138ms
137ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230627-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 641e51f616d000ed9254b3392c53737e2cd5b63f0761051a4f0a15187fb2e2c2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A9y1qfBwzNPigLHzt2MY8LnN0hnW5me5
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: F38GHY4RFAYNGASB
age: 66481
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: P3F07xBw+PMv+BavbzlDt6m71HraQWIzO9Ry5tJaGqZgUzydw748OUmmKdwQbDPFFrwI0fJBatc=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 10:35:22 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928603.477371,VS0,VE0
etag: "72b0968da54d64673ebb8c7adb85af31"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 85728

GET
H2 200 distance-from-article.20230627-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 151ms
150ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230627-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aada7cafad2a820fa83ff944ac71e869921ddadf753539cf23403e13e922c33a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BAVTpERE7VUEXyg630p.ZsRZ2gb3.DWr
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: Q9VJE44MH3D88K2G
age: 66498
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: c5s7PIhCO5F74osLLs6uVs7ZtLCSNNvdOyUjjBOY8temKA9Afw1af9c56nutLFfpQYjB0xBT0T4=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 10:35:05 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928604.520771,VS0,VE0
etag: "ae09c1ddadd1898020edf79ceae73c11"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 80662

GET
H2 200 article-detection.20230627-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 138ms
137ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230627-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 250c5d4f82a35a76df85b2888aeee92bb430fdfafb5722bfdb39610caeb65dc0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: J.wQ0TJRS6qG2rJYUbomO_797dCavhw5
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: ZRNK1EY7JR61XTE3
age: 66521
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: mo92oerIfSkhY4YupZKbVwopoT5anEytQF4N/Y13SARcvKiNpyeH89ziHIEzUmxq3VTHnuYF1AU=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 10:34:43 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928604.520757,VS0,VE0
etag: "dec9b1c88dc3eaa3e8c06aaca63f3c49"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 80651

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 142ms
142ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: SM64PABGMRG8J5RK
age: 119
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Vc0ugujo7XKoeagit2IOEwch92U/SIaxPVZBgq+e5/wbBmankivo/ARaYPpZfIClpwc2Lx47wdg=
x-served-by: cache-mxp6942-MXP
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1687928604.543173,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 97
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 101

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.6/ 112 KB
30 KB 136ms
135ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e7180a71dde7d28bbb50ea73c1f2687ac78e876e393870c9b9a3b57f7b95986

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
via: 1.1 6b552294ba6a60cc56d1bc328f57165e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: MXP63-P4
age: 158252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 30695
x-served-by: cache-mxp6942-MXP
last-modified: Mon, 26 Jun 2023 09:05:18 GMT
server: AmazonS3
x-timer: S1687928604.551554,VS0,VE0
etag: "ef24c9e350329713f3e1415cac9f6f3f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: MkBXsK274V774AYqIT4hEFjdVOkc5Cb4gKsep85MxAKAf3n92AU5Jg==
x-cache-hits: 3305

GET
H2 200 explore-more.20230627-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 28 KB
8 KB 144ms
144ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230627-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf9ce9415eea6f068b8ae700abc9be21de147384e5a62b967cfb630062d6a7e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4q_4dtLswueaT7WRCSaEmE2JfQZ9re_h
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:23 GMT
x-amz-request-id: FBPQY66XYHG9ST2B
age: 66486
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8242
x-amz-id-2: 79AYEJeZWUv1KWTevJDmO8xOK2Tt/zXGpqST0OnJKkSTQnD7eAVt8krSnaoCefCvXQmh1yTcISc=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 10:35:17 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928604.562365,VS0,VE0
etag: "bfe7932c133f4c5d210ad83d9f4a56cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 48950

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 639ms
275ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1687928603434%7D&tim=05%3A03%3A23.434&id=496&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 637ms
273ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A03%3A23.488&id=9849&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 148ms
147ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=360
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
495 B 531ms
187ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 28 Jun 2023 05:03:23 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 141ms
140ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=767
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
494 B 502ms
167ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 28 Jun 2023 05:03:23 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 133ms
132ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=542
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
495 B 485ms
188ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 28 Jun 2023 05:03:23 GMT

GET
H2 204 social
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 571ms
275ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/social?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87%22%2C%22sec%22%3A%22Baby%27s%20Food%2CBeauty%2CBeauty%2CBeverage%2CBobbi%20Brown%2CBusiness%20Owners%2CChanel%2CClinique%2CCoffee%2CCooking%2CDessert%2CDining%2CEstee%20Lauder%2CFamily%2CFashion%2CFashion%20Trends%2CFitness%2CFood%2CHair%2CHealth%2CJewelry%2CLancome%2CLaneige%2CLoreal%2CMake%20up%2CNew%20Mom%2COOTD%2CParenting%2CPregnant%2CRecipe%2CRecipe%2CRestaurant%2CSKII%2CShiseido%2CSingle%20Mom%2CSkin%20Care%2CSurgery%2CWomen%22%2C%22aut%22%3A%5B%22S!%20Women%20(Rewrite)%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs.isanook.com%2Fwo%2F0%2Fud%2F44%2F220941%2F220941-thumbnail.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=05%3A03%3A23.585&id=3027&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/sanook/log/3/ 0
377 B 509ms
238ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/sanook/log/3/bulk-metrics?route=AM%3AIL%3AV&lti=deflated&bulkSize=13
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 496ms
237ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1687928603617%7D&tim=05%3A03%3A23.618&id=9460&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 56F3 16 KB
6 KB 131ms
130ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22096
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 28 Jun 2023 05:03:23 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3FF2 16 KB
6 KB 142ms
142ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22096
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 28 Jun 2023 05:03:23 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0D28 16 KB
6 KB 140ms
140ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22096
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 28 Jun 2023 05:03:23 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3DB0 16 KB
6 KB 134ms
134ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=22096
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Wed, 28 Jun 2023 05:03:23 GMT
expires: Wed, 28 Jun 2023 11:11:39 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK c
sal.isanook.com/sa/ Frame 6010 35 B
355 B 314ms
313ms Image
image/gif 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=1350317497&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&dp=%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&ul=en-us&de=UTF-8&dt=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed%20Video&sd=24-bit&sr=1600x1200&vp=728x410&je=0&_u=QAAAAAABC~&cid=1064489419.1687928601&tid=SA-8147095-6&cd4=0&cd8=b&z=1141431277
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 6010 3 B
23 B 136ms
135ms XHR
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=338464037&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&ul=en-us&de=UTF-8&dt=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed%20Video&sd=24-bit&sr=1600x1200&vp=728x410&je=0&_u=QACAAEABQAAAACAEK~&jid=&gjid=&cid=1184271674.1687928600&tid=UA-8147095-6&_gid=1412767983.1687928600&_slc=1&gtm=45He36q0n81PNXLXRS&cd1=newsgroup&cd2=newsgroup&cd3=mystery&cd4=0&cd12=1687928603197.51fiedgj&cd13=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&cd14=%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C&cd15=1537276&cd16=user%20generated%20content%20(ugc)&cd21=37&cd22=video&cd23=embedplayer&cd33=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoriscope%20Clip&cd34=video&cd35=newsgroup&cd36=mystery&cd43=0&cd44=2&cm5=1&z=1604928046

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxULiKztFOq9WrTw0txOA5_anCXchriRnRNwHK9g8jmGWbEaN9iZYCi3VjDOAnaqRXB-YXNk83Hg4maPRUzxPHs= Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 173ms
172ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxULiKztFOq9WrTw0txOA5_anCXchriRnRNwHK9g8jmGWbEaN9iZYCi3VjDOAnaqRXB-YXNk83Hg4maPRUzxPHs=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3OTI4NjAzLDc4MDAwMDAwMF0sIjVDQjAwNDgyLUZFRDEtNDVBMi04MkNFLURERTFEQkIyM0VGNSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vd29tZW4vMjIwOTQxLyIsbnVsbCxbWzgsIkljdWZRSUxFU3BjIl0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IcufQILESpc.es5.O/d=1/rs=AJlcJMzkUJbcjmH2GjuAJfdqmg32pcxH-Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

d4e3661d345f8e4fea14950432ef9862ab23bd33441e7c27cb93f8ef8c9534e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BY40vdcM19qOIbYs8Um_xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-BY40vdcM19qOIbYs8Um_xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 424ms
140ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 405ms
133ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 12:24:20 GMT
content-encoding: gzip
age: 923944
x-guploader-uploadid: ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 16 Jun 2024 12:24:20 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 150ms
148ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 29 Jun 2023 05:03:23 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 450ms
159ms Script
text/javascript 108.138.36.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 85395
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: XPWGfhESuoLmm1vkaAq0YAd7VVJ5EFFzjnTnnrA48NBv_TQoIQfryw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 435ms
138ms Script
text/javascript 108.138.39.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.39.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-39-216.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 27 Jun 2023 05:58:55 GMT
Via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 83070
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: BHLxDl-c0Fa2jg2gQdS9I6afTnZMMyg9otJwBYuzF4dORdsrJKu57Q==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 410ms
133ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 05:03:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 20617
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230122-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 222ms
81ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: F4YJZYC7J5Y19ZS1
age: 279
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7de3620edc492dcd-TBS
x-amz-id-2: fDHMmQ29l+JGp6Nt7AIqLl7GDQ/JQHGgpkI8Fj+r5qPVBAlGHynGa4qcaKC+u9tGvyk8emXpg4M=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 403ms
132ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:17:42 GMT
via: 1.1 google
age: 2742
x-guploader-uploadid: ADPycdu-zA8-hnvsT1A30m-b9ztT6SJU4sMJFIZpSh77aRlyOGVn0JWELDN76Lj4NjpGLb9dzcWxg-JZ9qW4Lfm4WNYXlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
19 KB 323ms
320ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3524534100599897&correlator=3982135580044263&eid=31072019%2C31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cinviewadrequest&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C640x360&ifi=1&adks=2732521762&didk=2149787503&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=87be735004d3ab42567f8fd2be7d673a&sc=1&cookie_enabled=1&abxe=1&dt=1687928603805&lmt=1687928603&dlt=1687928598125&idt=4741&adxs=1200&adys=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=400x-1&msz=400x-1&fws=512&ohw=0&ga_vid=1184271674.1687928600&ga_sid=1687928604&ga_hid=1565226986&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlomKg5AxSABSAghkEhkKCnB1YmNpZC5vcmcYlomKg5AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWJioOQMUgAUgIIZBIUCgVvcGVueBiViYqDkDFIAFICCGQSGQoKdWlkYXBpLmNvbRiWiYqDkDFIAFICCGQSFwoIcnRiaG91c2UYlomKg5AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWiYqDkDFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

57d130a294cfd6ac50429fa86234f0381598113601b34f0a26995a59a475252d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19053
x-xss-protection: 0
google-lineitem-id: 4741987593
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239031270
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 182ms
179ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3524534100599897&correlator=4330801667686024&eid=31072019%2C31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=2&adks=1396602897&didk=2096832714&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=87be735004d3ab42567f8fd2be7d673a&sc=1&cookie_enabled=1&abxe=1&dt=1687928603819&lmt=1687928603&dlt=1687928598125&idt=4741&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1184271674.1687928600&ga_sid=1687928604&ga_hid=1565226986&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlomKg5AxSABSAghkEhkKCnB1YmNpZC5vcmcYlomKg5AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWJioOQMUgAUgIIZBIUCgVvcGVueBiViYqDkDFIAFICCGQSGQoKdWlkYXBpLmNvbRiWiYqDkDFIAFICCGQSFwoIcnRiaG91c2UYlomKg5AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWiYqDkDFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

179499f36d5bea583e01d4b176aaf461aa94be585275eb34fc9a099013e68e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11681
x-xss-protection: 0
google-lineitem-id: 5582840632
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373742424
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
17 KB 442ms
439ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3524534100599897&correlator=2779344772795467&eid=31072019%2C31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cinviewarticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C300x250%7C640x360%7C336x280%7C320x480&ifi=3&adks=2428001358&didk=1005935157&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=87be735004d3ab42567f8fd2be7d673a&sc=1&cookie_enabled=1&abxe=1&dt=1687928603823&lmt=1687928603&dlt=1687928598125&idt=4741&adxs=279&adys=4682&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=1184271674.1687928600&ga_sid=1687928604&ga_hid=1565226986&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlomKg5AxSABSAghkEhkKCnB1YmNpZC5vcmcYlomKg5AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWJioOQMUgAUgIIZBIUCgVvcGVueBiViYqDkDFIAFICCGQSGQoKdWlkYXBpLmNvbRiWiYqDkDFIAFICCGQSFwoIcnRiaG91c2UYlomKg5AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWiYqDkDFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3a6dd89113e4ac5370c05fa1239fa2b3bd7daec9988e214698bb4337d7055e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17477
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 402ms
399ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3524534100599897&correlator=3480862848560109&eid=31072019%2C31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250%7C728x90&ifi=4&adks=2779983359&didk=498303882&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=87be735004d3ab42567f8fd2be7d673a&sc=1&cookie_enabled=1&abxe=1&dt=1687928603826&lmt=1687928603&dlt=1687928598125&idt=4741&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=1184271674.1687928600&ga_sid=1687928604&ga_hid=1565226986&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlomKg5AxSABSAghkEhkKCnB1YmNpZC5vcmcYlomKg5AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWJioOQMUgAUgIIZBIUCgVvcGVueBiViYqDkDFIAFICCGQSGQoKdWlkYXBpLmNvbRiWiYqDkDFIAFICCGQSFwoIcnRiaG91c2UYlomKg5AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWiYqDkDFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

89548297e461ee363c33f97f4b761cfd9a4cba8d3dd34e915e4b95ee61d77441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12406
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7408 6 KB
3 KB 425ms
141ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
expires: Thu, 27 Jun 2024 05:03:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK d
dc.sanook.com/sanookStat/userActBinary/ Frame 6010 0
130 B 6067ms
382ms Image
text/plain 61.91.93.45
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=1350317497&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&ul=en-us&de=UTF-8&dt=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed%20Video&sd=24-bit&sr=1600x1200&vp=728x410&je=0&cd1=newsgroup&cd4=0&cd13=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&cd14=%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C&cd15=1537276&cd16=user%20generated%20content%20(ugc)&cd21=37&cd22=video&cd23=embedplayer&cd33=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoriscope%20Clip&cd34=video&cd35=newsgroup&cd36=mystery&_gid=1412767983.1687928600&_u=AAAAAEABC~&cid=1184271674.1687928600&tid=DC-8147095-6&z=47849178
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 61.91.93.45 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-93-45.static.asianet.co.th
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 14:47:56 GMT
X-Powered-By: ARR/3.0
Content-Length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 46B7 0
15 B 133ms
132ms Document
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.sanook.com
Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.sanook.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:23 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 videojs-hlsjs-plugin.js Show response
cdn.streamroot.io/videojs-hlsjs-plugin/1/stable/ Frame 6010 236 KB
71 KB 524ms
179ms Script
application/javascript 207.120.36.69
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.streamroot.io/videojs-hlsjs-plugin/1/stable/videojs-hlsjs-plugin.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.36.69 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: f022d004b222efee610e30fd68b5be41fe393cfe9212ad27612762bf08e6938e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
x-amz-version-id: Y7fWyjM.VjxPjeforXx3R_XdWuNXr1zZ
section-io-cache-id: 3a93c43608506bb0d5b5b7511603b7f5
via: 1.1 varnish (Varnish/6.6)
x-amz-request-id: 6SWY67DAPASV3V7G
age: 0
content-encoding: gzip
x-amz-meta-version: 1.0.16
section-io-cache: Hit
x-amz-id-2: 1vev3JUVvPoXIeRk3/Mcn4zGqEbN+tJVQ4RB91o65i5GfBWdcZ3Ei8WNbyUaNI7taC+F2MeDC1o=
last-modified: Thu, 03 Feb 2022 16:33:36 GMT
etag: W/"605e257f5b6ad2780ea4f907a0f1157e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
x-varnish: 1085864 30
access-control-allow-origin: *
cache-control: must-revalidate, max-age=600
section-io-id: d1454653db71444d036a2bdc596d90d7

GET
H2 200 videojs-contrib-ads.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame 6010 30 KB
9 KB 130ms
129ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-contrib-ads.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1fbcc7f3b789fe32c35941497b721bb531abec0f03d77ccdee56119af3f27bdc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:32:12 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-78f4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3467892510573054206
accept-ranges: bytes
content-length: 8964
expires: Fri, 21 Jul 2023 07:32:12 GMT

GET
H2 200 videojs-ima.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame 6010 47 KB
10 KB 131ms
130ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-ima.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 64faf061ed09cea996b42e0975d7b0425b77b4b50967b211bd5cf375508df564

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-bb01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15175867114999527116
accept-ranges: bytes
content-length: 9880
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H2 200 videojs-titleoverlay.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame 6010 6 KB
2 KB 130ms
130ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-titleoverlay.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9c3414876f3603f781a46bc8642c58b25d5ebd027f56367f0a1487de285c6e63

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 20:13:53 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:34:07 GMT
server: Lego Server
age: 0
etag: W/"6495049f-1747"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15009422074860907551
accept-ranges: bytes
content-length: 1818
expires: Wed, 26 Jul 2023 20:13:53 GMT

GET
H2 200 videojs-vtt-thumbnails.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame 6010 13 KB
3 KB 131ms
130ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-vtt-thumbnails.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-dd35ddff6c3a8a09f528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b79ae3695c2658408d8e846750080aed460c56994fe8cbfcfa0bd1b77e249604

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-3219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14766270593133916171
accept-ranges: bytes
content-length: 3295
expires: Fri, 21 Jul 2023 07:31:36 GMT

POST
H2 204 collect
analytics.google.com/g/ Frame 6010 0
54 B 138ms
137ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je36q0&_p=338464037&cid=1184271674.1687928600&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&sid=1687928600&sct=1&seg=1&dr=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&dt=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed%20Video&en=page_view&ep.content_editor=newsgroup&ep.content_source=newsgroup&ep.content_category=mystery&ep.user_session_id=1687928603196.9xvpsbfz&ep.content_tag_primary=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&ep.content_tag_secondary=%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C&ep.content_unique_id=1537276&ep.content_editorial_type=user%20generated%20content%20(ugc)&ep.content_number_of_characters=37&ep.content_channel=video&ep.content_page_format=embedplayer&ep.content_tags=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoriscope%20Clip&ep.content_type=video&ep.adblock_tracker=false&ep.article_read=1&epn.user_non_personalized_ads=2&upn.user_login=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 240ms
239ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%221185.671875%22%2C%22eventTime%22%3A1687928603915%7D&tim=05%3A03%3A23.915&id=3681&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 231ms
231ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=05%3A03%3A23.922&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=282&cv=20230627-7-RELEASE&lt=deflated&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 103308

GET
H2 200 spa-detector.20230627-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 137ms
136ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230627-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0905692ca87c28ed7f0c12ad5e300868a6087d813c527529f9df3958838c4b9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PKR31XY1PigGlJb86K4anZIuVOeRAkI8
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:24 GMT
x-amz-request-id: ZFZ64WD7AEYJ1S0X
age: 66435
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 810
x-amz-id-2: cuNRLI9CYgoQ7QEHc4FRhn2GzUblLykWu9z0RK27x+uGwMC5uFCRTnDi05yCiU5FaYRjZS+EBiM=
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 27 Jun 2023 10:36:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687928604.005093,VS0,VE0
etag: "701f2deb549c97f4bf0d7307087863ad"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 49245

GET
H2 204 supply-feature
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 230ms
229ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A03%3A23.927&id=4840&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 232ms
231ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1687928603928%7D&tim=05%3A03%3A23.928&id=1277&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 232ms
232ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%2C%20%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=05%3A03%3A23.929&id=8154&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 231ms
231ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=deflated&ri=ef388e4c439b85c2273328a682ab3d80&sd=v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687928602174&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1687928603931%7D&tim=05%3A03%3A23.931&id=3758&llvl=2&cv=20230627-7-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
942 B 430ms
143ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Encode%20Sans:wght@400;600;700

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

93024aa94f49cd25fc69986bf962db245afc6879b3101d3fa2d58bfcb963e78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 05:03:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jun 2023 05:03:24 GMT

POST
H2 204 bulk-metrics Show response
il-trc-events.taboola.com/sanook/log/3/ 0
377 B 187ms
187ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/sanook/log/3/bulk-metrics?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK /
avd.innity.com/dc/ Frame 6010 43 B
600 B 1100ms
369ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=225&cuid=5f6fcfd0f0469f38826f16b8ae2bcdee&cb=1687928603982&douid=&sess=76488593.225.1687928603980&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&srf=&pk=&pt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:24 GMT
Last-Modified: Wed, 28 Jun 2023 05:03:24 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ Frame 6010 43 B
471 B 1723ms
992ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=5f6fcfd0f0469f38826f16b8ae2bcdee&type=cookie&itmcb=1687928603983
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:25 GMT
Last-Modified: Wed, 28 Jun 2023 05:03:25 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 56F3 4 KB
4 KB 469ms
147ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89683873&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 2b1b0887304a18419d7cd3f97a53310197a1f8783737b823147a5c891c6e6dcc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 05:03:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 AGSKWxW9n39oNPAVpSDVNx8JbY8ycLWv6wos08H056G4YVRPP-NV1rfajTsXsIJsAnfi6mYnX7Gh72H66sEErfryJOYstLOYUzg3G8XrdsmBHJ99vhVOjw0uMycPhz3knQi1_LzGikpZHg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 187ms
187ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9n39oNPAVpSDVNx8JbY8ycLWv6wos08H056G4YVRPP-NV1rfajTsXsIJsAnfi6mYnX7Gh72H66sEErfryJOYstLOYUzg3G8XrdsmBHJ99vhVOjw0uMycPhz3knQi1_LzGikpZHg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3OTI4NjA0LDE1MDAwMDAwXSwiNUNCMDA0ODItRkVEMS00NUEyLTgyQ0UtRERFMURCQjIzRUY1IixudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS93b21lbi8yMjA5NDEvIixudWxsLFtbOCwiSWN1ZlFJTEVTcGMiXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

97154d299252283a6f591aea0b5984c7db3609792007852d753dd491be860180

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B52VZsvkPo8SgzB-QE07PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-B52VZsvkPo8SgzB-QE07PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F8C5 0
0 183ms
183ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6wyij_ILcQuncvLOHPC58qIAVaPH176jIkMZ1UoTa6nc3EJeCNC7x1ePr_wKom4dV_LBkbXHKHLceEBJZpaJusw-a430cxvPXyI4sID4RSlkw0f01OOHzOyn2jUdL6GKGesYBT6YW9nOLkRy8jtC7xABK3luKBVmjAyqY_8qPMz9JC7SQxsw1Ou264lpC-x-lD4PcgOvJPQsRpALGccCnTK9CBtDpGviZTFSz0G9_8YHnK8yQCBLrg5lFda-DJrm2g4y8O7Ofyzjw0w4Enuhpu0VcB6YmhUtOctmGTg5TocHDAAxcBuXtSZtWmGdcAIRe9HxcCXycMhDDUcT91B1RlYRX0vInOS1zBEmIpDj884bo&sai=AMfl-YSmc5G9l9PRnHFVQ5K89P96BRAd_ozhOH7mcF6DcV9XzlnrvinXlKmXndCIHvsO2KtTr0nsbX1yRgskd_AWZIajh8AiaIz9flFEMoJoV4BI6vESj_GyPtFEzZKHoIMjDNz_nbEU2f6RdKvJHjHR6wk&sig=Cg0ArKJSzAWhB9loI8giEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F8C5 85 KB
27 KB 277ms
276ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

414ffa2cfb16d4cab6ba693f1dc1d4682a4f2a08e3d9aa8536cf1dcac822eca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27627
x-xss-protection: 0
server: cafe
etag: 617 / 19536 / m202306220101 / config-hash: 13728557897118412599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8C5 179 KB
56 KB 146ms
146ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
22 KB 412ms
411ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3524534100599897&correlator=2273022490118343&eid=31072019%2C31075705%2C676982996&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Ctower&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%7C240x400&ifi=5&adks=869927549&didk=1425532729&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=87be735004d3ab42567f8fd2be7d673a&sc=1&cookie=ID%3Df7f3180d1d8192c7%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MZyVz0hHNftWNXLX-HGAbIy1DY_LQ&gpic=UID%3D00000c34a7132de1%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MY0CxV8OUPCzjNm3GtCMe3LdrEuIA&abxe=1&dt=1687928604059&lmt=1687928604&dlt=1687928598125&idt=4741&adxs=1065&adys=2685&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=ABHeCvjWKfAnpU-_l4Ruxb-xHuYmzkHdMhiZAJIQ_GyGhEJJZCAsHQhFkDtpwE-IJw4yXASawNPU6_aK85pe24E7fMnH-e8CnfJ9xbRGcaSkFQM7lt6Un9J_qVs&ga_vid=1184271674.1687928600&ga_sid=1687928604&ga_hid=1565226986&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlomKg5AxSABSAghkEhkKCnB1YmNpZC5vcmcYlomKg5AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWJioOQMUgAUgIIZBIUCgVvcGVueBiViYqDkDFIAFICCGQSGQoKdWlkYXBpLmNvbRiWiYqDkDFIAFICCGQSFwoIcnRiaG91c2UYlomKg5AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWiYqDkDFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

2196ce7f33cc68484877fa94f170765e9a2ed92a55b5dc6e12b4efa5197fa925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21985
x-xss-protection: 0
google-lineitem-id: 5615991028
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339643786
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 344ms
343ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3524534100599897&correlator=1342187873967752&eid=31072019%2C31075705%2C676982996&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=6&adks=1547059643&didk=3402878632&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=87be735004d3ab42567f8fd2be7d673a&sc=1&cookie=ID%3Df7f3180d1d8192c7%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MZyVz0hHNftWNXLX-HGAbIy1DY_LQ&gpic=UID%3D00000c34a7132de1%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MY0CxV8OUPCzjNm3GtCMe3LdrEuIA&abxe=1&dt=1687928604082&lmt=1687928604&dlt=1687928598125&idt=4741&adxs=235&adys=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&psts=ABHeCvjWKfAnpU-_l4Ruxb-xHuYmzkHdMhiZAJIQ_GyGhEJJZCAsHQhFkDtpwE-IJw4yXASawNPU6_aK85pe24E7fMnH-e8CnfJ9xbRGcaSkFQM7lt6Un9J_qVs&ga_vid=1184271674.1687928600&ga_sid=1687928604&ga_hid=1565226986&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlomKg5AxSABSAghkEhkKCnB1YmNpZC5vcmcYlomKg5AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWJioOQMUgAUgIIZBIUCgVvcGVueBiViYqDkDFIAFICCGQSGQoKdWlkYXBpLmNvbRiWiYqDkDFIAFICCGQSFwoIcnRiaG91c2UYlomKg5AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWiYqDkDFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e1db25900e37106b1acae1f42e2dba3fa34e76cdd3e33824b38c658ac8268227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12581
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 359ms
359ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3524534100599897&correlator=852393143744266&eid=31072019%2C31075705%2C676982996&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=7&adks=1198679254&didk=4218483588&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=87be735004d3ab42567f8fd2be7d673a&sc=1&cookie=ID%3Df7f3180d1d8192c7%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MZyVz0hHNftWNXLX-HGAbIy1DY_LQ&gpic=UID%3D00000c34a7132de1%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MY0CxV8OUPCzjNm3GtCMe3LdrEuIA&abxe=1&dt=1687928604092&lmt=1687928604&dlt=1687928598125&idt=4741&adxs=1065&adys=649&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=ABHeCvjWKfAnpU-_l4Ruxb-xHuYmzkHdMhiZAJIQ_GyGhEJJZCAsHQhFkDtpwE-IJw4yXASawNPU6_aK85pe24E7fMnH-e8CnfJ9xbRGcaSkFQM7lt6Un9J_qVs&ga_vid=1184271674.1687928600&ga_sid=1687928604&ga_hid=1565226986&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlomKg5AxSABSAghkEhkKCnB1YmNpZC5vcmcYlomKg5AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWJioOQMUgAUgIIZBIUCgVvcGVueBiViYqDkDFIAFICCGQSGQoKdWlkYXBpLmNvbRiWiYqDkDFIAFICCGQSFwoIcnRiaG91c2UYlomKg5AxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiWiYqDkDFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ed12cf700eadbdceab2058404396037584477fafd3bbbfd84d9ce2a6f3461e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12772
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
323 B 418ms
140ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7130 0
0 176ms
176ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnN-rNkr7e82PMGuPVRypEIrTV0r6cIwaLLpL4Pw4rAUwKr3vIPR17W4Aompp90ab59gu2-AUrkKZafX0mEJp3_31o5jtBBouudCmw8yneCG2ZcniO-l8nkhUmujbM7h83ZI4ldqn5iWILAC6xNHneo89F36CP2cNhIsWRz6AC5XD3aCXR8sKO4hppCrQKAWR4NDGm9IjUALce9QLWhfo1ueLgHrKQNyASKepam8XQpN0xwG2iOX7XAWlyCxAo0UYfnlVifusJhSKO2Zf357pb7Cz5tjiD2ZsRG5RL3gWLlGIEg_qDlMtYyzN2wSqhZtPjULccwQyp8MTGvHAnsZIhcrnR1GTEv_wJCDtBQ7_F9iZu0WQdkRdHzdM&sai=AMfl-YTS_NuFSHi5CdX5EWKJROBUEYgRbkYCfNipVh732CED51P-LZ7Bnnl3nbPyUrWV0BhYOEbKk-LvN3qFfJ6jqVO63hS4-oySV2FwZ42hVA-GJU9C8ASUvzmYvpwaEnegApnosqP9YZsG5SM0X6Jl4Q&sig=Cg0ArKJSzCKRDkTVtK6UEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 video-js.min.css
s.isanook.com/sh/0/ad/inview/ Frame 7130 38 KB
13 KB 133ms
133ms Stylesheet
text/css 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/video-js.min.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 09:08:34 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 39377
server: Lego Server
age: 1498318
etag: W/"5958d2e5-99d1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 2888591636799721237
accept-ranges: bytes
content-length: 13271
expires: Sun, 09 Jul 2023 00:56:37 GMT

GET
H2 200 videojs.ads.min.css
s.isanook.com/sh/0/ad/inview/ Frame 7130 359 B
376 B 137ms
136ms Stylesheet
text/css 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 17:08:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Sun, 02 Jul 2017 11:02:59 GMT
server: Lego Server
age: 0
etag: W/"5958d2e3-167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 13090911284669723579
accept-ranges: bytes
content-length: 196
expires: Thu, 18 May 2023 17:08:24 GMT

GET
H2 200 ads-v1.0.3.css
s.isanook.com/sh/0/ad/inview/ Frame 7130 4 KB
2 KB 137ms
136ms Stylesheet
text/css 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/ads-v1.0.3.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 16:23:00 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 4477
server: Lego Server
age: 1168050
etag: W/"5b20b088-117d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 15107176921363627759
accept-ranges: bytes
content-length: 1540
expires: Wed, 12 Jul 2023 03:53:38 GMT

GET
H2 200 jquery-1.8.3.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 7130 91 KB
33 KB 138ms
137ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/jquery-1.8.3.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:08:56 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 93583
server: Lego Server
age: 2274658
etag: W/"5958d2e1-16d8f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 5350172608700830818
accept-ranges: bytes
content-length: 33384
expires: Thu, 29 Jun 2023 11:17:28 GMT

GET
H2 200 video.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 7130 246 KB
56 KB 139ms
138ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/video.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 04:49:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Sun, 02 Jul 2017 11:02:59 GMT
server: Lego Server
age: 0
etag: W/"5958d2e3-3d69b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3368306243170429183
accept-ranges: bytes
content-length: 57340
expires: Wed, 26 Jul 2023 04:49:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7130 361 KB
120 KB 147ms
145ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H2 200 videojs.ads.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 7130 18 KB
5 KB 139ms
138ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:39:12 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Sun, 02 Jul 2017 11:03:00 GMT
server: Lego Server
age: 637853
etag: W/"5958d2e4-490c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4429349305224772746
accept-ranges: bytes
content-length: 5148
expires: Tue, 27 Jun 2023 13:39:12 GMT

GET
H2 200 videojs.ima.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 7130 47 KB
11 KB 139ms
138ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ima.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:13:05 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Sun, 02 Jul 2017 11:03:00 GMT
server: Lego Server
age: 783314
etag: W/"5958d2e4-bbbc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 5856591206746993352
accept-ranges: bytes
content-length: 10915
expires: Sat, 03 Jun 2023 14:37:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7130 179 KB
56 KB 147ms
146ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame F5F2 422 B
344 B 292ms
284ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1687928604229&uv=3291&tms=1687928604229&abt=esv_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d29bacfa-59f5-498a-859c-18abb6b37254&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a73e8d0ec72b787592da2c1396e3c077c069387174b97e4dca18a911b1d54eb

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 28 Jun 2023 05:03:24 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6942-MXP
x-timer: S1687928604.318201,VS0,VE155

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FBEF 439 B
524 B 164ms
155ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a02c8ac8f495a76ff06168feb71fda144e5bc5389fb70bc0986bc7450e7473c7

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 28 Jun 2023 05:03:24 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 562ms
542ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=208401&tagid=1047981&crid=-1&noaop=3&sortOrderType=0&cb=1687928604242&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1529&pt=1137934403&tz=0&viewable=true&ddast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=esv_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1cc6ea7b5ee7743c78ecc2ce4cfa26dbf557cda7c3964f51a97ca821fe191407

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1448
x-cache: MISS
x-served-by: cache-mxp6942-MXP
pragma: no-cache
server: nginx
x-timer: S1687928604.350307,VS0,VE399
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 175ms
157ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=31589837&cb=1687928604229&uv=3291&tms=1687928604229&abt=esv_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1687928595107.3!ts:1687928604229&mntl=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-length: 0
server: nginx

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 437ms
148ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.sanook.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 28 Jun 2023 05:03:24 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 144a6637cc3c4b58ff7a2c9981a49cd6

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 154ms
153ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 94094359237b11ed1329f5d99a38f8b64a5690ddbeca1c8d2081c0525ba25155

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a560b0b72e6adcd05e4f893f54fdda45
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1

85 B
203 B

250ms
241ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: cf1b60bfeb6a35c7ecef0f2b781093889727240ccbf677b23255dfc798c1f5b3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-emk6zdj2pKZP4YRkqPw4VtzWML0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 28 Jun 2023 05:03:24 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.sanook.com
location: /esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 container.html Show response
7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96A0 6 KB
3 KB 137ms
132ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
expires: Thu, 27 Jun 2024 05:03:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6932 6 KB
3 KB 137ms
137ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
expires: Thu, 27 Jun 2024 05:03:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame FFD2 3 KB
1 KB 141ms
140ms Script
application/javascript 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 776a28e191f05a078df0df129f85d0365d274ac128afd1342265570deac8aaf8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:58:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 3222
age: 363817
content-length: 1062
last-modified: Fri, 18 Nov 2016 04:14:33 GMT
server: Lego Server
etag: W/"PSA-aj-UwdRNtHGhk"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 12868892985248892700
accept-ranges: bytes
expires: Sat, 15 Jul 2023 18:27:19 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
613 B 534ms
176ms XHR
application/json 52.30.150.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.150.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-150-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b4b2fa70821bb895efc62481fc0894cd2787949383f7067c69a494b8443d62ff

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.31.78
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame FBEF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b

0
68 B

215ms
214ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 80
date: Wed, 28 Jun 2023 05:03:25 GMT
via: 1.1 varnish
x-served-by: cache-mxp6942-MXP
server: nginx
x-timer: S1687928606.561939,VS0,VE80
x-fastly-to-nlb-rtt: 78657
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame FBEF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/3c291396-702d-4cf3-a32f-583610550673-tuctb95449a?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ZPs47xtE2oSaqVi71d.lNp.kVPzigeHZAskgGA--~A

0
230 B

156ms
155ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ZPs47xtE2oSaqVi71d.lNp.kVPzigeHZAskgGA--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82108

Redirect headers

date: Wed, 28 Jun 2023 05:03:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ZPs47xtE2oSaqVi71d.lNp.kVPzigeHZAskgGA--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame FBEF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nm.H0RdE2uEDd7hWm0WgW0uTGpizmj17~A&gdpr_in_effect=0

0
230 B

151ms
151ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nm.H0RdE2uEDd7hWm0WgW0uTGpizmj17~A&gdpr_in_effect=0
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82117

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-nm.H0RdE2uEDd7hWm0WgW0uTGpizmj17~A&gdpr_in_effect=0
date: Wed, 28 Jun 2023 05:03:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 container.html Show response
7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0642 6 KB
3 KB 132ms
130ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
expires: Thu, 27 Jun 2024 05:03:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A4B 6 KB
3 KB 131ms
130ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
expires: Thu, 27 Jun 2024 05:03:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7130 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc543d46cca98aead3005a87979d5dfbad919b8020fa78c1d1952336f967db1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35E6 0
0 172ms
172ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOOrzqjU2Gdl9B6cs_7Qc1HyRVGyEcRnQnwFBe897uvV5nvjH7wmLeox5YRjQEXzNaVFjgyjXwJGUujB0LGwmxU-7XFG9fehxj0YOm7-lFM4g8_eja1UMYpd2FywOeBztLfZN7z5K8-ryMcsyMCl4qqOPRWlrxwTHKqJqRhmCk1qktjBLetTPYRb824dUtscs4eDwggeDruG_TaDG6KHdUjubFvgJ1dCG1jg9KMiN4m3X0C0Hmy0mGniUfPJ84UIsLnup2ZU7TE156DAb2OtaQpOplM03GY2gBeR-jDbw_vOuupZ-oMwJgVNYpbAWqyzGtVoJhg8hTqUviVvMilMIMR2mwAn9k9pOszERBXw&sai=AMfl-YSMTkKbcYYcfVA2pOwdNzleUBTqiN0yLQUns2bVvtBmuQzJAPlcd0Dq5eni5gBUsVxl6cHENgAYBiwszLwamz4p-ZUqW9XiVCYmG88fTFjIQUYJ-gAfaQXNUcTeB9Bl0tQb7YKb_9R9p_bf3wZEm4M&sig=Cg0ArKJSzCfbU7Ihq6GQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 35E6 22 KB
9 KB 136ms
135ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 18:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 35E6 3 KB
1 KB 135ms
134ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 15:02:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35E6 179 KB
56 KB 141ms
141ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H2 200 o_1eu2h4lrdq011gf96nq16a1i0sc.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20210209/ Frame 35E6 138 KB
139 KB 2208ms
133ms Image
image/jpeg 43.152.26.154
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-as.fsanook.com/files/uploads/ads/dfp/20210209/o_1eu2h4lrdq011gf96nq16a1i0sc.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e6c49e667ef73a512d1b579ca675dae131aed4b0541873902abf76840000e9de

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:15:29 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 09 Feb 2021 04:34:42 GMT
server: Lego Server
age: 0
etag: "602210e2-22880"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 13821683271010790545
accept-ranges: bytes
content-length: 141440
expires: Tue, 13 Jun 2023 13:15:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 35E6 0
0 141ms
141ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJR8CP6FajPsEVyzTiFUHx1z8nI1g5-6YsFo9-GIgPTXrSv4VIeeveUXjKrl7PwFtvxNxaNjrhcldXxeNrue4vHXi3ig
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ Frame F8C5 393 KB
125 KB 134ms
133ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 12:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60427
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127939
x-xss-protection: 0
server: cafe
etag: 10569078359274256513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 12:16:17 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame F5F2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b

0
214 B

211ms
210ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1687928604229&uv=3291&tms=1687928604229&abt=esv_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d29bacfa-59f5-498a-859c-18abb6b37254&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 74
date: Wed, 28 Jun 2023 05:03:25 GMT
via: 1.1 varnish
x-served-by: cache-mxp6942-MXP
server: nginx
x-timer: S1687928606.561931,VS0,VE74
x-fastly-to-nlb-rtt: 76097
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame F5F2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/3c291396-702d-4cf3-a32f-583610550673-tuctb95449a?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-tK481uZE2oSi1QguVlokP.G6qlN8n1C2E6q6HA--~A

0
230 B

151ms
150ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-tK481uZE2oSi1QguVlokP.G6qlN8n1C2E6q6HA--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&cmcv=&pix=undefined&cb=1687928604229&uv=3291&tms=1687928604229&abt=esv_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d29bacfa-59f5-498a-859c-18abb6b37254&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82108

Redirect headers

date: Wed, 28 Jun 2023 05:03:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-tK481uZE2oSi1QguVlokP.G6qlN8n1C2E6q6HA--~A
content-length: 0

GET

cm
p.rfihub.com/ Frame F5F2
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola&gdpr=0&gdpr_consent=

0
0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C341 624 B
242 B 178ms
176ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVNs_yQh6ymLjfQ6GcuRUvWtH-Re9CXcbN3A6iwCbwLmt3npA0qMAeQRWy5RgBE-tmJEXZN0-IDvmyD5o7DFAzNzDZjQA

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 96A0 78 KB
28 KB 496ms
216ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:25 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A0 42 B
110 B 455ms
174ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2K__rdq0yt3ywFGfYPrniPJ8Gz56_bjbX90LWbRXYD_Rd_NQe6KSm6f2gRXcJ30P0AhhNUY3hfh5YTSqUbTwUcUhyUHtVGGzcIIENQiGNQHRIZpA

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A0 0
349 B 454ms
174ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2053284010352760491&x=1&ct=77

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 96A0 3 KB
1 KB 157ms
156ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 15:02:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 96A0 19 KB
8 KB 132ms
130ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:19:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96A0 179 KB
56 KB 143ms
142ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H2 206 default_video.mp4
s.isanook.com/vi/0/ud/1/ext/video/ Frame 7130 23 KB
23 KB 130ms
129ms Media
video/mp4 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/vi/0/ud/1/ext/video/default_video.mp4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21

Request headers

Referer: https://www.sanook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 12 May 2023 20:29:39 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Aug 2015 06:26:08 GMT
server: Lego Server
age: 0
etag: "55d57300-5b54"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-23379/23380
cache-control: s-maxage=10
x-nws-log-uuid: 10292189500123190066
Content-Length: 23380

GET
DATA 200
OK truncated
/ Frame 35E6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a18306fa24c601c0dab093a860e17849370b11ecb4f863eec35f9521f2c5ee0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bulk Show response
trc.taboola.com/sanook/log/3/ 0
419 B 300ms
300ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sanook/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 88
date: Wed, 28 Jun 2023 05:03:24 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 76547
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-mxp6942-MXP
pragma: no-cache
server: nginx
x-timer: S1687928605.863620,VS0,VE88
content-type: image/gif
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 6932 8 KB
823 B 140ms
140ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 04:11:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 6932 15 KB
3 KB 139ms
138ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 05:06:06 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 6932 371 KB
127 KB 138ms
138ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 16:50:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 6932 19 KB
8 KB 136ms
131ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6932 0
0 163ms
158ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnK95VL99y8T4fx94pIXHLAhdw88yizg50RVE8FxiEiISii5SCP3jXqvhOFZi1_Hnm_msZ5o8p6Vd5Ob1CO2I0qhOYaA
Requested by: Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6932 24 KB
6 KB 159ms
153ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AE09
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:75ea649b-bf1d-4100-8616-1c08765efb1e&gdpr=0&gdpr_consent=

42 B
404 B

382ms
148ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:75ea649b-bf1d-4100-8616-1c08765efb1e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 28 Jun 2023 05:03:25 GMT
Expires: Wed, 28 Jun 2023 05:03:24 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:75ea649b-bf1d-4100-8616-1c08765efb1e&gdpr=0&gdpr_consent=

GET pubmatic
d5p.de17a.com/getuid/ Frame BDCB 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E90B
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

456ms
147ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
expires: Wed, 28 Jun 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 849967
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET cm
p.rfihub.com/ Frame C17B 0
0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 0F1B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

340ms
337ms

Document
image/gif

67.220.228.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Jun 2023 05:03:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: B1CMM4T8G3ZMYB5YC7D8

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 05:03:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ART22A0W4Y6KGS4GS3H0

GET
H2 200 p-5aWVS_roA1dVM.gif Show response
cms.quantserve.com/pixel/ Frame BB77 35 B
424 B 675ms
135ms Document
image/gif 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
content-type: image/gif
date: Wed, 28 Jun 2023 05:03:25 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2D6E
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164765543742477328&gdpr=0&gdpr_consent=

42 B
217 B

146ms
145ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164765543742477328&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 45ab39e9-af7d-4a69-bebf-39174547a0f9
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Jun 2023 05:03:25 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=164765543742477328&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 642F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249598160764663957&gdpr=0&gdpr_consent=

42 B
220 B

152ms
151ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249598160764663957&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Wed, 28 Jun 2023 05:03:26 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7249598160764663957&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET pm
match.prod.bidr.io/cookie-sync/ Frame 3AFE 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 11A6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lty_i4_-UTl6oP4k4aSluFvvzrU&gdpr=0&gdpr_consent=

42 B
297 B

152ms
149ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lty_i4_-UTl6oP4k4aSluFvvzrU&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Jun 2023 05:03:28 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Lty_i4_-UTl6oP4k4aSluFvvzrU&gdpr=0&gdpr_consent=

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 56F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

135ms
131ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=22094
accept-ranges: bytes
content-length: 5554
expires: Wed, 28 Jun 2023 11:11:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 56F3
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=&ct=y

49 B
265 B

170ms
169ms

Image
image/gif

52.211.103.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 52.211.103.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-103-124.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.109
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.45.14.149
content-length: 0
expires: 0

GET cr
cr.frontend.weborama.fr/ Frame 56F3 0
0

GET match
a.audrte.com/ Frame 56F3 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDI1MDZCQjUtNDY5OS00MjQ4LThEQzEtRTVDMTVBNDhBN0U5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

675ms
138ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPeSxlv60YU1Rnr-T4FKlY&google_cver=1

42 B
378 B

675ms
138ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPeSxlv60YU1Rnr-T4FKlY&google_cver=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPPeSxlv60YU1Rnr-T4FKlY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 56F3 43 B
612 B 458ms
140ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 27 Jun 2023 05:03:25 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4494080886801228774

42 B
390 B

148ms
147ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4494080886801228774
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4494080886801228774
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=

42 B
391 B

209ms
148ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WXQcBiBE2uWpjD30b.PizN0g2KbER5o-~A&gdpr=0

0
260 B

1485ms
152ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WXQcBiBE2uWpjD30b.PizN0g2KbER5o-~A&gdpr=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WXQcBiBE2uWpjD30b.PizN0g2KbER5o-~A&gdpr=0
date: Wed, 28 Jun 2023 05:03:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 42506BB5-4699-4248-8DC1-E5C15A48A7E9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 56F3 43 B
602 B 162ms
155ms Image
image/gif 34.247.153.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/42506BB5-4699-4248-8DC1-E5C15A48A7E9?gdpr=0&gdpr_consent=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.153.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-153-61.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=

1 B
245 B

152ms
152ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=
date: Wed, 28 Jun 2023 05:03:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=706ecc9f3c241f5f&is_secure=true&networkId=17100&version=1&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALVYbJouvsjQNZUo4gAAAAAAA&expiration=1688015006&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&...

42 B
265 B

152ms
152ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALVYbJouvsjQNZUo4gAAAAAAA&expiration=1688015006&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:26 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALVYbJouvsjQNZUo4gAAAAAAA&expiration=1688015006&nuid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 56F3
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8328107424253339475&gdpr=0&gdpr_consent=&us_privacy=

1 B
274 B

147ms
146ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8328107424253339475&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:26 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8328107424253339475&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 221E 640 B
262 B 181ms
177ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVlXj0MRJiF1ejQHTeVYjp2AUTUf0aata1OVSegLEfrr-Se96SfJ1o2L43IrnduO3DV80_5BOUoSYqEsYb4HM0HHYS4nQ

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0642 78 KB
27 KB 519ms
327ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:25 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0642 42 B
107 B 362ms
175ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ac4dno3S_9Hr-t5Y5jwT-GjsnpH8iSx-oi2IMmrZKUMaYhh9I1CZ6VL7h9_VbcD-84LQwHboG_ZOIvEufp1-Q35l1vp_n1IDeeLmbNbe1VavGGypA

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0642 0
56 B 361ms
175ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=303992262618112245&x=1&ct=77

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 0642 3 KB
1 KB 138ms
134ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 15:02:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 0642 19 KB
8 KB 139ms
135ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:19:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0642 179 KB
56 KB 158ms
153ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 80D7 640 B
262 B 169ms
169ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY7af47gEwAQ&v=APEucNXy5X2ozdkDyztgnCuhqGDmR6DumnCDMtL63BmQXAIISMwonVKWlnE-828_kEWnvTKrILl9BlRVmJTbtma5yDQ_mGJXEg

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A4B 78 KB
27 KB 502ms
328ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:25 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A4B 42 B
107 B 454ms
280ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKpJ2uoK0VjaN4HbYaabgOEQONQXMXMoavyKDM8OhsBEPDV8kapjOz6qiVpYobOu1uuQlkNBvn5IUVbGQ4ShtdCfxnq1ZYv7gebSRbUWpgI-uK_tk

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A4B 0
56 B 350ms
175ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4616080017104061062&x=1&ct=77

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 7A4B 3 KB
1 KB 143ms
142ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 15:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 15:02:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 7A4B 19 KB
8 KB 144ms
143ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7A4B 0
0 145ms
143ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKtIm7tGELeaDU2kEuvk5AisIHYkbLxFIzH9oStx-UvR-K-ViD77TBDGmpXBMetLB4v02veDSqN1PGqO1uFamTtAIg6g
Requested by: Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A4B 179 KB
56 KB 187ms
186ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:24 GMT

GET
DATA 200
OK truncated
/ Frame 6010 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_9_1/infra/ 772 KB
132 KB 365ms
116ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_1/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 22a191737d58e91e6ea2b8bfbdcded9a8c184ea7b438cebb84f65e107bdab663

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1687770454
date: Wed, 28 Jun 2023 05:03:25 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: YHQWD5CNT3KPE18V
age: 157987
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687770455
x-amz-meta-mode: 33188
content-length: 134841
x-amz-id-2: Jy/UMDm9AiHurf19iZMJT9lXne7g4mEAXdJF8MCANwArRUV4fRt6PwKuWDQoAzMCqVMzRDL4lxI=
x-served-by: cache-sof1510021-SOF
last-modified: Mon, 26 Jun 2023 09:07:36 GMT
server: AmazonS3-br
x-timer: S1687928605.155169,VS0,VE0
etag: "7794504a8074c13d0b28454ee6f9a0f6"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 79799

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_9_1/assets/css/ 60 KB
8 KB 145ms
143ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_1/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.6/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1687770517
date: Wed, 28 Jun 2023 05:03:24 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: V5JH624KQB9WC796
age: 157987
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687770518
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: DDdR3PWdWKoKRlD8ifXrUH9weMuJONLzYE9MbfSBT+yrXISTMjuDyOfDgGwsNyogRMb1MBV2Tyw=
x-served-by: cache-mxp6942-MXP
last-modified: Mon, 26 Jun 2023 09:08:39 GMT
server: AmazonS3-br
x-timer: S1687928605.931705,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 70663

GET
H2 200 icon_relate.svg
s.isanook.com/sr/0/images/video/video-js/ Frame 6010 2 KB
761 B 137ms
135ms Image
image/svg+xml 43.152.44.81
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/video/video-js/icon_relate.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.44.81 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b3f3f379d724f87e5282f75c162017587c0f0bdd6fe267518119c7bd4a72059d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:37 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:44 GMT
server: Lego Server
age: 0
etag: W/"6492a418-61b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 1118445847173771592
accept-ranges: bytes
content-length: 526
expires: Fri, 21 Jul 2023 07:31:37 GMT

POST
H/1.1 200
OK graphql Show response
apiu.sanook.com/ Frame 6010 107 B
805 B 1256ms
443ms XHR
application/json 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/graphql

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx / Express

Resource Hash

43ea9ef76731500d6c3463b196d10efe7821051bb44d24b7080919adbe6366f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 28 Jun 2023 05:03:27 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
Server: nginx
U-API-Cache-Status: BYPASS
X-Powered-By: Express
ETag: W/"6b-5s5Ne7H531qDN8o0RLpcb5m/Yfo"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization

GET
H/1.1 200
OK 772a1c3a379e9b30cfd6758a05284668 Show response
apiu.sanook.com/video-player/liveplay/ Frame 6010 455 B
1 KB 1941ms
419ms XHR
application/vnd.apple.mpegurl 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/video-player/liveplay/772a1c3a379e9b30cfd6758a05284668

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx / Express

Resource Hash

d78d9c8e1b7a9ac6fd03b9fe14ca5b561f0365ccfe490cfb0e51e996aa4fdf6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:26 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Server: nginx
U-API-Cache-Status: HIT
X-Powered-By: Express
X-Cache-Status: HIT
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Content-Disposition: attachment; filename=1537276.m3u8
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Content-Length: 455

OPTIONS
H/1.1 204
No Content graphql
apiu.sanook.com/ Frame 0
0 1530ms
430ms Preflight 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Wed, 28 Jun 2023 05:03:26 GMT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
U-API-Cache-Status: BYPASS
Vary: Origin

GET /
avd.innity.com/dc/ Frame 6010 0
0

GET
H3 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B487 709 KB
226 KB 144ms
144ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 80480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 06:42:05 GMT
expires: Wed, 26 Jun 2024 06:42:05 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6010 44 KB
16 KB 3773ms
461ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 05:03:28 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C341
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&C=1

43 B
632 B

138ms
131ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVNs_yQh6ymLjfQ6GcuRUvWtH-Re9CXcbN3A6iwCbwLmt3npA0qMAeQRWy5RgBE-tmJEXZN0-IDvmyD5o7DFAzNzDZjQA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C341
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJu-HshRkwND67zR.rCKogAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&google_hm=2

43 B
632 B

131ms
131ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVNs_yQh6ymLjfQ6GcuRUvWtH-Re9CXcbN3A6iwCbwLmt3npA0qMAeQRWy5RgBE-tmJEXZN0-IDvmyD5o7DFAzNzDZjQA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJfmF2DbR1hs1Zjno37yVV8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C341
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE4i8cBvM27fkXoDRKiTBMQ&google_cver=1

43 B
1 KB

394ms
129ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE4i8cBvM27fkXoDRKiTBMQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVNs_yQh6ymLjfQ6GcuRUvWtH-Re9CXcbN3A6iwCbwLmt3npA0qMAeQRWy5RgBE-tmJEXZN0-IDvmyD5o7DFAzNzDZjQA

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:25 GMT
AN-X-Request-Uuid: f9b98773-7bb5-4d2d-8182-8f7dcf8a848f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE4i8cBvM27fkXoDRKiTBMQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C341
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NTIwMDg3MjI3ODkyMjc4NQ%3D%3D

170 B
243 B

140ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NTIwMDg3MjI3ODkyMjc4NQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 28 Jun 2023 05:03:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b63531c6-18a3-4304-a6de-079832a3a106
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc2NTIwMDg3MjI3ODkyMjc4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7130 0
0 447ms
172ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOf2GrbDQZIt0s7_T-NrNTq5z_gD0jHM6e4t7ueVb4zz5vbpeTn5IxCqomJOzUIwEwOg_uAnRmleMztgVVs5BAgGPmHyUhf6Kji-6wYgNCGFbhTPWinMdwUwcIDPA3nca8v78jO1Wg0-JV_8ew-6aa5ljNCJnhKCOhM2JlAB4x6yCNAGpssXM8NBxKm80rqK3lESKBQyxBDiPwyTsVbJvKpwwl8RwUtGrn71AVHqqXzcLf8WW5Qz0VsaLQmWWMgppbQiZTPbhWvND_64PLNw9fj1iuE42OYTSb0KepjHrtJhykbc9j7S0DHYJY6Wxl2Ryd4DHMxVdpQgjhgv-iPIUJGPWqTjIWyHqFOMM4RGqJ0_NOuqSdawsFpurTbQ&sai=AMfl-YSefqjL4MCyZ1hS-K1G6l0Om8SsK_UTkLd1q34dkF6jeCWRY1HtUCQGW1wGboMTYMZdFxkIEvTWvC-SeqNGVvh29-aGpttnkVQ5Hvq5V28SAnr5n5oYqPN69JcWHaWQe8YUbzpJQLugjunraK-t-A&sig=Cg0ArKJSzN_-AA7H6AmJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 05:03:25 GMT

GET
H/1.1 200
OK screenshot Show response
apiu.sanook.com/video-player/ Frame 6010 750 B
875 B 2236ms
415ms XHR
text/html 203.151.130.56
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/video-player/screenshot?screenshot-url=https://s.isanook.com/vi/0/ud/2/23/ss/223/4471497.jpg&duration=30

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537276/?playerType=video-js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.130.56 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

56.130.151.203.sta.inet.co.th

Software

nginx / Express

Resource Hash

0b8957b41a0f8972ab50ec3c4ff92fff08f2f5dd19f3d4b8166aa6c723e6d82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:26 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
U-API-Cache-Status: HIT
X-Powered-By: Express
X-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
ETag: W/"2ee-7SujNuFx+DtjBYNQ+BpIcEWzyCA"
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 80D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1

43 B
180 B

2349ms
137ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY7af47gEwAQ&v=APEucNXy5X2ozdkDyztgnCuhqGDmR6DumnCDMtL63BmQXAIISMwonVKWlnE-828_kEWnvTKrILl9BlRVmJTbtma5yDQ_mGJXEg
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80D7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5

170 B
188 B

157ms
157ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY7af47gEwAQ&v=APEucNXy5X2ozdkDyztgnCuhqGDmR6DumnCDMtL63BmQXAIISMwonVKWlnE-828_kEWnvTKrILl9BlRVmJTbtma5yDQ_mGJXEg

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Jun 2023 05:03:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 80D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1

23 B
163 B

3484ms
238ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY7af47gEwAQ&v=APEucNXy5X2ozdkDyztgnCuhqGDmR6DumnCDMtL63BmQXAIISMwonVKWlnE-828_kEWnvTKrILl9BlRVmJTbtma5yDQ_mGJXEg
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 05:03:28 GMT
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80D7
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0

170 B
188 B

156ms
155ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 28 Jun 2023 05:03:28 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 221E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1

43 B
106 B

2612ms
138ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVlXj0MRJiF1ejQHTeVYjp2AUTUf0aata1OVSegLEfrr-Se96SfJ1o2L43IrnduO3DV80_5BOUoSYqEsYb4HM0HHYS4nQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 221E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5

170 B
188 B

157ms
157ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVlXj0MRJiF1ejQHTeVYjp2AUTUf0aata1OVSegLEfrr-Se96SfJ1o2L43IrnduO3DV80_5BOUoSYqEsYb4HM0HHYS4nQ

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Jun 2023 05:03:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 221E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1

23 B
163 B

3491ms
246ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPW01AIQlfyX1QQY68D47gEwAQ&v=APEucNVlXj0MRJiF1ejQHTeVYjp2AUTUf0aata1OVSegLEfrr-Se96SfJ1o2L43IrnduO3DV80_5BOUoSYqEsYb4HM0HHYS4nQ
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 05:03:28 GMT
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEOXkEtgBGc6zIzI__68KnZk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 221E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0

170 B
188 B

169ms
163ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 28 Jun 2023 05:03:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F8C5 0
0 375ms
172ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstinUUA2qPpgTl7MJnl2JYdZdd02mwGFUU7SLlOkQUU18y6Ybst0VYkYdSERWzmQMiEsZaGaxIfufiwu-CorTEkoq9RtNv8l8jvDunZ0qL3_FT0Z7PPmiij5VGsLxcgvlWSGQ5siDlHfHxHdtBSRqVZFrnWI5sqJmL59IgMpdhqpfrt-R-YFhTXHcSuu7hlMFi92EP5EcxS7Jw3Yx7PJo5fTE7olBW8Qy1Ff2rSXSvFzc_lqQd9ZbqL-NhVARnBhJ1XMBRXA_xSpIYdsDf-wUTOThRsw_1BbzCT5dTJeSB5_ivi_xMmVOn5bWm5uUuG--8BQkD2VgrSS1t0I81uJk64wHHwy26V9Ye228CJPDEqnS1aOU4&sai=AMfl-YQcoJumZm3--jgsJzRJgrWP8Pe0yFMYaqu4kxBmQ3Ql9koouYHrZEg-3WS42zOprINNoBhfypuAz1fOf7BDkV3Yb00t3CmReBIFA3lb8B0tkeaeNBqMZtZq7rfIeJqY5UT2hEpivqct_3X5HvY8nck&sig=Cg0ArKJSzDqRdOlYEgEVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 05:03:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F8C5 107 B
165 B 143ms
140ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F8C5 981 KB
98 KB 249ms
248ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1211229934582422&correlator=4467505033557102&eid=31072020%2C31068367&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=178697795&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3Df3ec93754cb0ebb8%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MZQaDx_gU9Ge1UdkydbXkTUYiHTjQ&gpic=UID%3D00000c34a6f6ee85%3AT%3D1687928603%3ART%3D1687928603%3AS%3DALNI_MYOVWWmUs-bV0dtkpGRqhJTSMB8Ew&abxe=1&dt=1687928605097&lmt=1687928605&dlt=1687928604035&idt=988&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=ks9rcflbrxx2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&top=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1184271674.1687928600&ga_sid=1687928605&ga_hid=57881353&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj4koqDkDFIABIZCgpwdWJjaWQub3JnGOSMioOQMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiViYqDkDFIAFICCGQSFAoFb3BlbngYlYmKg5AxSABSAghkEhkKCnVpZGFwaS5jb20YlomKg5AxSABSAghkEsIBCghydGJob3VzZRKsAVR3RUtLUE9uR3phSXRsaW0vc0thOWNlRHFsMTJjVGx1b3F2NGtKdzcrOFd1bmNRV0owR0ZYSk44RkFBRWs4SjVyWkNESWdWNldiTXo2VDF1L3I2NHJIMFgvZ0tOSTh4SGJEYi8zSHBpVDRBRmZheS8yLzVTN0FXVlhvbDRqcTJMbFQzeVRzdDRXZDgzMGFrZzVPdHdVUUIwcytoZy9xM1hZKzNDSGJpSDlFbz0Yz5KKg5AxSAASGwoMaWQ1LXN5bmMuY29tGJSQioOQMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c5744a04814bc4e9e1769833ce70a9121110dff54a3d5dd49b02596b1a3719ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99974
x-xss-protection: 0
google-lineitem-id: 5849485604
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373690262
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F8C5 15 KB
11 KB 719ms
186ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

70856a63a96ee2c09aa20e62da18169425647aadc2b96612cace247c7014a461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11268
x-xss-protection: 0

GET
H2 200 container.html Show response
5594b4fd3b464788e361638398c3f62b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 861E 6 KB
3 KB 181ms
164ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5594b4fd3b464788e361638398c3f62b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:25 GMT
expires: Thu, 27 Jun 2024 05:03:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9E44 520 B
757 B 7800ms
208ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f1c8ce41ae8b88605c4c5fb570282b57d3033d090e073ec9f5809cfcdee32f22

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 331
content-type: text/html
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A0 0
56 B 192ms
168ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4802629453213&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A0 0
56 B 188ms
148ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4802629453213&version=m202301230201&ct=77&x=1&cor=2053284010352760600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 96A0 15 KB
11 KB 176ms
176ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRxAFpXSkx5DUm5qxic4RLMArcgHqj1xYjcLt3sqhTh2SZjHJP8Q1DW2Pws1NQcK-SK7OqF-mrPpu5IM1jVN5jZBZ5zkW396NsYn6BxZWfnb7XKFnMvFSzq4NOlGTmRdlQsH0wEMMEr2pbiXlKUNMmlj0-9mijA_2oUQQQfS3V50sm3zg&cry=1&dbm_d=AKAmf-CaRzRYflIW7fs0SOEGGrrXlhXlv1GIOuPGZJLIMXheFM1Yk7zMpKBdj27oXZoVQTNhYbs0XpGjFNsOWH8Fe6g9oIKNY7hYHy1lkfLWm2lBdyzReHqCJZrDq4ABiM-eEH_Izrix6KMGTYb67tNAFswqfC0QdCR4Hjo-662hOPE1p73RLEUW-BzGWpO2WAJ2KGqrRqrD3xGShJzCd9b0971O6X9tRqfr0rrVfOIh_KuWLdD9O3yoXhfahVMmt6aF6DLeyP8hcEoKZshZHoa4JL36KqaqfBehQsvYkF4j9sjmAzIdfCuXzi1tYyi-rgmWgbo9Ig--nbM06Al7qMSwa28bAir4CyJRC1mfbZknrdW1jjtpX6Z_yKT2MhSWbfsmaFgWIoNDN0NibLxseuR0FFf9erKySjNVdaAOgsfFKVVAwQcLmNfI0YM5JWUMppEiyvXdrzR4J-V8DGJx1igVAIVNoqG6Z9SXelwSZtx5afs_mRkXcoKWUqGuszjVD_wNDMofI6O79I7x5C1-VWQyMB_RTFY_qmvpPBoo7rjTggMTsmD8BgLBDJ4BWdSaKR8rGxsTNea5CdxiRpIik_zreSMVOBYEAlCMMH8Z_NVPf772G6v0Hm6EzjOyB_KSGjM9d6Dy5GMIjg8fihyQMVNopqvvVdn0k7kj5NKGFqIyartTg_BKRZIOIK6AlWhT7rAbKPld2WSyrfSqQoovvjAA_k-Qwk48tGirnahre8TSfz9hV6n4h-umfwRB8ZRJe4vXtDfGgVmutJaJzN9RI1iVhI6cgYoYaYzEYNilTShy1ajNX6X2ZALqfh_kQCWm4Y9j5GzNEIJdS6pqpGFYbAK5RCZqhrBW0dAQTUJAgymAjL0VfPUmzyvnFnPo5Gm4wrtAneJ1iS9xduMV6V4Cn8WU8X4qMQjJDmGkiVBihZqlvlxvBaJprcJ1hYnYqZjauWuNIXbXHEqiA3D-Zgr8I2VCU4g7AVlQwaChd9ef6gnxAoFU8n7Zsbvo1Moq1y2fj-klNx7NHyaNpL3Jjk0peJYTmRw1Z6_UoyebAeBKJGMvPrcCEveY4bj2-yit_btJK9lxUz-Ffp-1VJ42uatioNMvhZyUn-OIL1cUDdVimvIJ0xk96XfptsAKPBDSfxpnHuVAyWbjckWs3XukZzWB65Jn0SUB_T2-GJ02D7Q8IVqKlkeNvkRPEBIrtWfCr663WMzVvt5BL21VxN3udDT8INYyqXX79NaUn6_SnVChxk7M_eaQ9mQpi2yrJWkRUtxoDUUT0TJGnNmbbIVl3v3smdvDP4SQmE5Xn5KzTlpb5nRigW9-ASum31Nw-UC9JlfGTQEAaGyO2L4fsslumYqRrGV65jDI6yp1hzfEPq-eVLmn0ifCwe55mJC3FBBn1gnSSUqlHFqBx9StDj-M0c401QNeaQA5RiwkZa4oifeYxwxW56PlatlBBZxrgWquaNHG2L4iM91Htded4u4NEk7Ghl10W8WXiFhin9HsgfOSBvSiJV5YpegLP1v500--r8LWcxN2DnPjldZeBQOO7QwsJXj2-N7FjenYvjJVponsds8rZ4EwspNG5GMOBsbGPgW8IzsFk02q-xKMkY6ZkpGZVXQKrCGv9yTx_06JmldWDB6ZWSHnSzJE4LqWcUl5IGlrlsos8p8AADzCMy9JS3ia3EE-a_ZAjJxWfquqHSLOtrY39IVkABHGG-J05IuZgk1TSOBMAGV9cFoNLofX4uzOcB1KVvNBqRc1Sr18z3Hs2H_vbEw9N5er7DZYfZuDfuvXWVLG-YkDv4IPbsaNOQWYYSQZDV_xg0gSC8_nxGgV8V_k_NIQQg1K1GkO-299GRQ_I6T0JdeumRBFVOBGH0uHcQDE0dL0ZyRT8g652wcPyuTDzxNYd_RMkOm7J_hrJ74g_zXNDZA99wuVqRFjsajhfVXxIw_OkDOR0k6nZKhDnv3DkJ9UVNx1cSxR8iX9SlozjJ5Bxi3S8v2SGGmh9wZuBJZGOxlU82qYHqoSgqca29CPp3cmXqgPg-EqR_F0GSO1ht-R9wBwBITXKZeUotEd2cyWoeVe-XKChHog3qB6xlC_DS5mRZgoWE7j8FqxDUBIGjqqRMEKW6zTn-JVWkC444g-zLvpsc0PpnIq6g6CdpEHKK15wmptmjFSm-xfBhXSoGT176keBwfBfAJGRc2-Xm-RxhSoOJ-tLd1wfKqFuD46K0nnjc2ZPmsSFe_AcI08H8q6vUG_Xnurn5CfBx9qKoqunFCRwBXdC86ZpP2C7o6cN0iQU1taNHGq-WoO79TKiyjNUk7s5qypvdkFyeylI2LKR8QIdC0xwjOyWs_hVbwpmLZT_bKIHiJNiT0fVNCZYArMG_cFXdIf-Vw3A4y2oHOoX1FLWEas0iLfOfz2IYsW8CG8JbebnJvTONP4Sz_7mBtGx6qNhlUKyVwAlXs3IJtxCTNcdiu-C-KxJ5TR9H3tJU6PXbin22i0jhzH3RAxfqXBqV3hgVwwY1CPO6w7GTRxLiOdzEGlAVVD78bTX5iVI0xKEWqMYkVnBsvKximVMqA9VLv2VZAZuMIUoM8CsGNqiLoG0Wg2TIAT_3xZsDlVtdsZZxcHvDQMtH45DeYD7sZmvHvIy686NGRI9AtjSrQTb4G2svl0rbN4txLPhpJtZz1vEjzbFprxvP86KSQbb55msmHcVM5RXHBgctM0EUTZnX0efFcjMWkmwMnZOUU5H0jx0DCu3yzsm1gwQLyfWwvJ89MBBDfRPdcWpX98D6TrQcz7bd6uPnuRmZXjgRvitmLMLCOg7DiKD6Lf7HK1C7YSpa-hCKULQWlx1yFxk1vunA0lXX1dcPRriqMJliKVB9ylt6hNGHtHj7OLFC8PSqU65KTfyyYAWUgf9B_3nG87BeEN-zcTFXq1vrF9041F47OZ5lR0zTiEdQTzJxD-TsY-PzkPMp2YC9MqjiOZTb_jsr4Ov9pwnWI0RiAf2ueaSagcrqMPKpxVQfXuN935GbpFO7kcdrNHeOOH4JlHWConrJ3XsEiLQZloZMNyqkn8r42n59BYC_6i9TUh86Xf1Dgmp_OEFWeKIGdm-QZa-2YBhnM6DyjDaaGplVdJR0mwrd4Mm01xJOd-b-A1wAZ8Lcm96URqnsBpYuDdtK56-SHPFsPBFPpimOmBpcZ0pu3MvU5zb75xGRv9DxJCqFJdHahOUduf1HL4EKKvpYLv2hGV_a3Yg-IZ1qRau54gG2PiJ6ZpYlZGgW1LzIq7q40KWrqq-w_3RjZM9ghM_EQF1BZ8Z2p8N6BNJxrCNDbkRSSAIPuqDZCF8_4mtK63I7AGqO0sKfutnS00Gnpx-Z3ZWbTKm-aaELjr4yZfdVuIGXdKz9PYUVYxFfaGr1ynxJw0MEMzyO9YjpIbEKd48SlMyG_sh5uW6edGUHE-QfiuqUkDfwu5PTnV5riuPl_FX9IAOGYUDMX5FmStwzGwcPMzK7Xad6AbF8MTLy9Dip_avS8BCnHHgOxQsCU6GMpfuY13EhYzRkoYjxhCMXrzrDZlLTw8pl8rE5pL2HS7c5ZHvnhMfQzqXMfUjnVzeVrlMMKFMTbTfNT6l1SSCMGOxFMmrt8wAkXoSiU1JNZr614OMv54QLoPUqeOxL1BjpyWhzVKRNm3ee5KxUpHab2YUHNJ2Jd6d1Tan8oA8hOM0dnxznO8lDDIxp9HGlC94G_luMnkeFqYJVDaiBU2dZKsKuxsS9aB6HqQYiW_Uq6ZPTZ82raqn9w6r2IacHD80_ie7nILr0ZVnpc9XwoDB28S86mlFDyQoEPqGR0exhCir1DggpiCH5nmtJHlOjyHF2hLI7m_LleA_vjvb-KNprzZk27e7dG_Rp2xB5iy91VUc0AcHKpUTjBDLYqljSyVTrg_Kh2-VWbEAu0ZlyywWfGUr1HoEv52SFMgazV75vpVV2GbgLGspP09vn9k9REgsmOXIrYnpsQ4ncJX5AoX0FzwxgYzdLmxe6ADWGD_rqQBD44lImGlbC2nYFbxvVx3PcG4HaoMjFD3-MSrXuPtPC-mRqKQhubImOYbcs04XPZAHBV2IEAI2FjYClaEKyQ8FpakAnTbjff2bmJWjQY2ormMlqLb1KfIH3NSKgNTTDJauvUlLx3XFW8Xb191d8TPVHhDHhLrs7HJLxRil605s1i_sWViToKA1JYH0ADexyg-ey_SLMwuhxU_qoK-qSpLyCrnMluN9NODU6qbxHMIeQbcPOKJAOxLbNbbOpOpUFpDLfoyIyyA65J9M7mfkfJRzdr0nADDG2MhgjIajHmT&cid=CAQSTgBygQiDJ56_gquPsRlz7hP49SYMRK-4GuAmnhKnSiQ5iPlpnjjdAW6vadoblW5fKIGp44qjRnI02NIMt_Xt8um7IxhmoZS3snEIn0TsRhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=2053284010352760600&adk=4020099329&idt=560&cac=0&dtd=190

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

942b68d6949df5bcfc841a758a03e7b2dd3a4680a079411282fc149496bd1bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0E5 0
0 177ms
177ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9W2NjUPUK4bEo9bVZ9qJ95AwC7_Fl9CPwUwOdQzpQCwgGMKHoPlDD5FSNeaE7TU4AsJR9aiTSR16X5VqN9UoCr5bSoJGrQARwDZQV-5ugWSyC3D1TeVJC_hRGOLOGXc3P01G_sZXhZGvjEq24XW8aeOKD3_IfCmw-0HBdJyLKS34ERMWGeLZBJJyi68bJBFGRhY-W7xrHwugEz_EZYrtcO-RFT53eyokcDy5dMty7_nsuIEO6Af3CyXmeHxADG7O3_WIBLFgJQFgot88re7Y8NuzRV-wGgz9cLz6a0cBJtGr_6nj6AC3-CyICORdl2f1SM-_6dqLIXT3NDw&sai=AMfl-YQ2kk5GSRmupufhaGaVVWBnAUow4Kvl1bf51ZZ7-psYIFJA_ykF0sT9mNytS92kw39VDl8SaZ29EZOEiAdXd6nzAHdd5cvJnA4goR67VaCnku-q1BKqgw4Isl9Jgyo&sig=Cg0ArKJSzJoVCjcxrssNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame C0E5 85 KB
30 KB 403ms
131ms Script
text/javascript 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 07:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 07:58:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0E5 179 KB
56 KB 140ms
139ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:03:25 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 155ms
153ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.485818066058936

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-OH1b9NtoR7B_v2KJ2jqj2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-OH1b9NtoR7B_v2KJ2jqj2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 156ms
154ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.6520456091302353

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-tQUO1g9gmFYs6u3MssrRDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-tQUO1g9gmFYs6u3MssrRDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame E1B5
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJu-HsCo8YQAAMZjauQAAAAA

0
230 B

177ms
176ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJu-HsCo8YQAAMZjauQAAAAA
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82105

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 28 Jun 2023 05:03:26 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"91.239.206.181","key":"ZJu-HsCo8YQAAMZjauQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad374"}
X-SO-Key: ZJu-HsCo8YQAAMZjauQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad374
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZJu-HsCo8YQAAMZjauQAAAAA
Cache-Control: private
X-SO-HostName: m-ad374.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-IP: 91.239.206.181

GET su
ih.adscale.de/ Frame E1B5 0
0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame E1B5 0
0 1497ms
140ms Image
text/html 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS

0
230 B

154ms
153ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82113

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/3c291396-702d-4cf3-a32f-583610550673-tuctb95449a?gdpr=0&gdpr_consent=&us_privacy=
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R6TEUxJE2oTkXuPfhssW4UChCASbL_HyiEpDVw--~A

0
230 B

151ms
150ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R6TEUxJE2oTkXuPfhssW4UChCASbL_HyiEpDVw--~A
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82118

Redirect headers

date: Wed, 28 Jun 2023 05:03:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-R6TEUxJE2oTkXuPfhssW4UChCASbL_HyiEpDVw--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://trace.mediago.io/ju/cs/taboola
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=de70c12a0de8c81bf5bd620daa879a2b

0
231 B

151ms
150ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=de70c12a0de8c81bf5bd620daa879a2b
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:33 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82120

Redirect headers

location: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=de70c12a0de8c81bf5bd620daa879a2b
date: Wed, 28 Jun 2023 05:03:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
content-type: text/plain; charset=utf-8

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGuw0xANak14z7Ctifu_Ouk&google_cver=1

0
283 B

217ms
216ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGuw0xANak14z7Ctifu_Ouk&google_cver=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 80
date: Wed, 28 Jun 2023 05:03:26 GMT
via: 1.1 varnish
x-served-by: cache-mxp6942-MXP
server: nginx
x-timer: S1687928606.104178,VS0,VE80
x-fastly-to-nlb-rtt: 75876
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGuw0xANak14z7Ctifu_Ouk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E1B5 42 B
95 B 152ms
146ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a:$UID
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1B5
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a

170 B
188 B

146ms
146ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a
date: Wed, 28 Jun 2023 05:03:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82120

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b

0
68 B

226ms
225ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 79
date: Wed, 28 Jun 2023 05:03:26 GMT
via: 1.1 varnish
x-served-by: cache-mxp6942-MXP
server: nginx
x-timer: S1687928606.117253,VS0,VE79
x-fastly-to-nlb-rtt: 77392
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=afa44a28-be32-4884-b7e2-2e84609cee3b
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET merge
ce.lijit.com/ Frame E1B5 0
0

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame E1B5 49 B
863 B 463ms
139ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: ka-GE
content-type: image/gif
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-dvgsm
expires: -1

GET /
rtb-csync.smartadserver.com/redir/ Frame E1B5 0
0

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=68e2a8ac-8599-4772-855c-0e91b71cefbb

0
230 B

191ms
150ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=68e2a8ac-8599-4772-855c-0e91b71cefbb
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82118

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=68e2a8ac-8599-4772-855c-0e91b71cefbb
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 535974
content-length: 0
expires: Wed, 28 Jun 2023 00:00:00 GMT

GET
H/1.1

404

264.gif
id5-sync.com/k/ Frame E1B5
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=afa44a28-be32-4884-b7e2-2e84609cee3b&ttl=%%TTL%%

43 B
43 B

134ms
132ms

Image
text/html

141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/264.gif?puid=afa44a28-be32-4884-b7e2-2e84609cee3b&ttl=%%TTL%%

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: text/html;charset=utf-8

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://id5-sync.com/k/264.gif?puid=afa44a28-be32-4884-b7e2-2e84609cee3b&ttl=%%TTL%%
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame E1B5
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4b9190a7-07b6-4cfc-a942-c8cb27729ca1&ssp=taboola&gdpr=0
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

0
230 B

157ms
157ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82111

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
date: Wed, 28 Jun 2023 05:03:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame E1B5
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=54fe82f7-829a-48e9-86d9-b0203c7762b3
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=54fe82f7-829a-48e9-86d9-b0203c7762b3&tbid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&query=taboola_hm%3D54fe82f7-829a-...

0
68 B

166ms
159ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=54fe82f7-829a-48e9-86d9-b0203c7762b3&tbid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&query=taboola_hm%3D54fe82f7-829a-48e9-86d9-b0203c7762b3&isDirect=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 28 Jun 2023 05:03:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1687928609.954007,VS0,VE26
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-mxp6942-MXP

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=54fe82f7-829a-48e9-86d9-b0203c7762b3&tbid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&query=taboola_hm%3D54fe82f7-829a-48e9-86d9-b0203c7762b3&isDirect=0
date: Wed, 28 Jun 2023 05:03:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82105

GET
H2 200 sd
u.openx.net/w/1.0/ Frame E1B5 43 B
273 B 1668ms
148ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E1B5
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

175ms
174ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 28 Jun 2023 05:03:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 28 Jun 2023 05:03:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame E1B5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=140
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Lty_i4_-UTl6oP4k4aSluFvvzrU

0
221 B

154ms
153ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Lty_i4_-UTl6oP4k4aSluFvvzrU
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82109

Redirect headers

Location: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Lty_i4_-UTl6oP4k4aSluFvvzrU
Date: Wed, 28 Jun 2023 05:03:29 GMT
Connection: keep-alive
Content-Length: 119
Content-Type: text/html; charset=utf-8

GET
H2 200 sync
t.adx.opera.com/ Frame E1B5 35 B
466 B 3569ms
223ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:31 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed

0
230 B

155ms
154ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82105

Redirect headers

date: Wed, 28 Jun 2023 05:03:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame E1B5
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=&redir=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&0&&us_privacy=&redir=
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745

0
230 B

150ms
150ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82116

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:31 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 144ms
137ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:25 GMT
x-amz-request-id: H94FJWAASNXACN8Y
age: 818
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: 8WdH+xczaFe1eqbP6uhBtmeiAXrbpYFeRAWQ5dFgC6C272jCeuos7M3xJKCXQ+u1QBjnGzDHVZQ=
x-served-by: cache-mxp6942-MXP
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1687928606.746162,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 87
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2166

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
390 B 140ms
139ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:25 GMT
x-amz-request-id: 30CY49K8XHP39FSW
age: 21315
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: 7aQGNHaCtIjELai7pC4skDDPaj4Y+Gv9U+t+GrOiet4J8UDvIP3fxIDax5ORl6I8THMkCxTjFg0=
x-served-by: cache-mxp6942-MXP
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-timer: S1687928606.746144,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 14889

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 139ms
138ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230627-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 05:03:25 GMT
x-amz-request-id: E0K3EADYPH4DYY6V
age: 25857
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: o84c2xeVrQDatJK5eXb5G91D+ix4Rc43AkKKvwz6enw4FiKp4x48sJSXDujLJwZa9RBWxK/kpqA=
x-served-by: cache-mxp6942-MXP
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1687928606.746188,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 75
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5020

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A4B 0
20 B 164ms
164ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3878319327705&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A4B 0
20 B 164ms
164ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3878319327705&version=m202301230201&ct=77&x=1&cor=4616080017104061000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7A4B 15 KB
11 KB 159ms
157ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwM0l4vcx4LQ0FmZp0D29Xoa7hyqMgSDOgae7PfTI48WtHyBtsqthLh9Y7FSfrONKZ1zx0XLhr8Zr2gTj5xD-rWKqlVuCXIfLDvduhjDsAglggSCFOLeLej0XuRktLNTp-pcPwzbhXrQz0e24oIMiRClcowNH_gl_28L9jDuRZCz1IjLs&cry=1&dbm_d=AKAmf-CRZrfTKdBV9XVmJTdQWPsZahVHHo3TLtHB9ODEAsRYm7_tzRlKdjsLK58DFnoczuuXKeKJMHMwOwlzf1R_M5xkI_bJc2_f-4xGLXKs0T0iv7fzTXbylS8i54uAapIsRU3TUyVOMG9-OV6C-xqYuZppsI-QMM_ZOdA_TWyr_0Vie5boC6BLw9lWLXd1LUpyGD_bfKRXjou_-4HwtmBFb2saHP7GoqO8vDKVDbVdgm8Ovyt1FdU3SPcWbCUmcRfnr9poA-wBnoiyj73w6AC9kh-IeVamim8MndP1NLvavF_g_IZJq_P5trtm4_bR4dRK_Voeu66NM2bpoP9NYfYZmmDqLfK9TAm8Hi052eyVaJjakOfdIfq_hvYdRGSqv0RF3TziEAnu1Ik8oIL0N4A78XCApf8gcaeeoPvjFJzkN91Hnsz8LNboybYhJAkzfZ1LW9E71a5jQX7gyxNQ9Uw1dwjs65G6qD1J9FoTJoJ4o6HoCFCK1udYCIhs8uMbyaBT9FqjX4ZVkTbGDYzNZGcSii4UMl96CvP0q5V-twv8T8xPRg1M6sK_pmTNz1DppgogMXwAQylYLLzHel4Nn7xlTZjPfkd0XGytZWg6ZC4Pvp8RzBvHTMAwB5YsFemjdbiPkXYu1Q1WOFRcz4wGNUui7r8QSZ1Qrupvs3Dbyokc3LXfu0Tof03un1uoUeTFbJHx6lLJpwY-rrVOaahuHLKELV7rPK_ExisIWJcsLmQZOs3_uKPqTG9X01A7TrLlKErstgbA2wDhMPYi7KpFCyGrEUYB9ZMo_5RztuwCNfOLjtIY4WW71fsv6Fx1x20sehtT1kOvKDN1DjynpDWaSMWjlmfaggm6gi2XfFvylly4XjQwbVMQ2H2t7DoQGdP8_vwl9fOxvF9lVH76do2gnvknmn5Q00wdBZrVrxti95OwDiNIJnkldv_tVhOj2NWuF_fTzZF4uTJ07DDQYg2G98MxMr_U9PIv75DblmDjFQhW9FpmjWUh0RPDeixAndQdt4k_JNmNEUsbYLUAlUXvPWYUV7kB5KfH5t4Q9Y6mglVO_eW3rh285D07P3TjaLqHUrVa6j6ZfcuOAYcoblNvG2_kqZoQO8garFiXmmplmhTv_-D6lG9MPp4NlJ9UUbr7arEczGqaxHZVJ0MPJws0LQ-TSSounqu8kw5YH41MLCkXK1yTbXUY5Ug2bSbBEE8dhxYFuoCUJVbyKNzmMC4qwzl4_fTfzsSTvDoGIPvrlXsh00RKsEM-YDM-0Uz90mkGBYtxppKIjGQpWUrFm8tIarXGuP2Q03ii3YmnAv1ZicdwBf0nGyAz49EAwDsD5EZI6KAp2lt7sQAb4iKyXhZcpSWywt5T3mjLSZbzM9ts6S0uxbL_EUr74WQ2A3l6UAJ5X4lxEwkrW6tMLuhrzc3pUPlPcwvZY9e24qDvRZr7rACqv6kyJvvWcj3yH0tsWQLgZprUIjxIQZoC0iyDlsA0WYB-6JX50gMg4880bZhVKhZfZNyi8LWIbJd_K3cvWLlInXWrhP3Qo0QKmByrr-nd74peGXakww6-PKNtuBbMz43hF1pDzLI-IWSuRWJ6Qu4Qbrqp8Y617E1oZAOXGO6I85ZAfZb2V-ez3hV3_cBlB5E4_P4a_-1W61gaJoEG1pva5efaJ-GynN6siEYBBWL845087ly9s2Kxuq7eBEfivu7COW8qkcsBirMhAemL-UfJ2-4zscFMatvgjnRs_lUrivURHS16kRiGKT7lj8W-TPxiXpX2Pa78kE3hc2eeXM24_zLT_XxqOkFsnWX9QF2Cvc7FFI3EK3CgVVGmSVtaI8sfEN11REzYS-UtWt9gBVEL5UKSpKB4AHkfcaUPgiwGVgH2Q2WBvzhbIEzAi5lMDDmNHwJf9b2wtNalGbgQzqRamMlpi2Uia-pTgpMdGoOWitaF_nOqERlaLm130DZjKLTyWOiYBlyMNXhvhF1C93ME_79gZjq8XjUyuE1Og_oByN_qDwJQtoZO64dplCaJv9QWfxVE-vMeJuSDapNe3ZTwccnrRZEOneKPta-EKSqOtmtyn1H3aZ15AqHebRXDCBWXCvefFwD84mHaY5Thx645iqQc5EmcFgvfgEckCsKEHdb4kgGz72JeJhyhRS-iGS3a54PSMudYF42mgpBtFuQeWGAlX4VSo6LxB5spHTPP6kZ6wpvSsXIvpyyIrw_PXpMw1tlVd5jx9zoHbCJLcB_TY7orG0MlnTvgzksdlszYL7JGGHot2Ltf47T5XnTbEm3fTopBxpNNoawYxBHoxTcr8cxNTkVQ-1PvPmgqQBihETvEPIzNg9O16zhOcxvOQSarRgBfPhLGRMUjkKWwSQ92UJ61gGeKUQEw0jBxsH3NqKWS5WfQNkq-Z-iteTXDkaGZHo7hhLiGAnyWyM_LjyljBJ0BB95fqOB9ECHb-juezBiMyFN7H3hIBMIbXPFy9w_Z_JGRCxVgkk0pDUYtvEqYvb3c93OoNDHzb6m6-mUmYnwrIZua537MkBq9O9UPwhC0qHTLO0CFJ8Cuuv9KrdPCvuSXnD8mZGM4euMKVhYP0l454jeUXJ4gXovUL6_A3hKeOjGqv5p5pGmQSkN23tAHBOdcxvio04ZqoYyPdLj4FaHPsbT8dqM07_9HrwEBEGv3EzjENV8QJPhmrnYe6Q4aJV2tolQ5cE8CiYmVr2sr2RPy3OMVrUhust6oNuK_FaCsEnF6FOM864NG0FdosCLhA84mrH5R8elxA3M34_Qm06v7fGhZDg2uQJrmE0yOuLCxYT559ZPXJ4MEBjWZDRHrmxBFvm7EQF5Tz0_CTVTGjBF7ZGYyFwc91bSoyTDL0Jv6uMlTX002CZw4hXUMH2UftZYyGAQmw1HuSjEp07p4bLSX-NrLDFLWeqtvZfMLqxYObger9_jGWyDdlYKtq1tZ6rYdj4E3jDt1Z_tjhqXVGuIYxErGgPObQMU4RNBHzqbZZaJQ5yl3k2PPdq6IIB6-fE7IhwoRWRWYWaUq_bbxt0Znpvy01MyU5LDPmYZgug5b16gZ79rc-Qlbd69fiIm201ohSizDHpFmkSnUgYy6-RrQEz9btmsL2FUoHiyZ3xUMFMObvayg2jCulHnRC4B8uVbiEptMLaEgG3N_fPIL5i3XNcoXMxEnRAwfNtR1yhufHhE2bKhzpmpTSfNOVsLO7Qn_K5hXCNGEEPR8H4c6-U9-eLOVn80J2xuBXjn6-P5QWYp_PgSKT6WZynITJ_CPdP9-T1wNl1d2sBimTPyCobdzLiyjkJtWTS4HGKcqtdrVUSjm8z3b5xjQz5bcVyrBG_Nt9Vc3yz1oDEHvKnQqOx797lTiUi5aLuYt56fl61Ccu3DNnnFE5EkVM4CUc-e6HtI5x4auVNYeeuTnUHI08eP5fRxv8GgwSILE9IaBasYhoyhI-0VYJSh4gkYK00A5TX43a0BpB4NTIq7ThJ0Rdq4gs-M4kW4DgJCRWIGhUlT87i_aEPKH998NCV_eEZ7UU6HkUAtTItYRWhcE4QbU1kENjc5BziVygh3b0QaJfFdqFfRScrhONGZpPkkMZvSzClIq6_iMjsPi-qFI4Wf_hapqeyExp-KHhE3-LocxzcUCUZWIDAjpLdPe_8SPKrkHMaNoST5WTxBLEH22OwtrDUlvou-_6pqY7qZDbEYxn6OQApcHLZ7Bifg7f3OjtwdN_SonnSo1YygW9LSSVBLkqsxS8mMDpmFbtOKOUprAU_OvHMI2sxywppvAY9ZDQAUZMJ-QpCUYVC6WpltHd9LuXSrlA_MzREzBT-n5AKn31B8PXvOu46WmxFGvstjxSxb2K04xkjKvjHnxz1NGBzO2H3OfhlT_htj9B2KnK6Q-JaF_vHxrbTqZYZ1rry8asJVujIM0L0LExWpKn-UkizNX28WRhtzFB5meWYhZaw9yRJrHopKyNytlxeYnfm9uQ7oIVxnKXbZqcoURChLEXJ7Sy66VVzntMjWGRtqpQ4e8iglintcp2eqhExSP3gi2kTKvSWivXQ8cU2kl_OenYIqNy4kjrxbRRNzZsVoKivnORCxKuPy7yxML2dvbk3d8dFPjNh--Y0fb45WYDgROrbiuSwYU92ZGLV3BFBykRtIotftYzdh-RD9whTkgFLtT1NuTdlXY3R2uf1DefDVRyyaaPlNRDixJ3Pddb1-vobmdNgkbfBBJq4qQZxcdBX8I4u9Gz2HMUyzRn-sBIyJGAcSiT857P6pGkNkhxItmA6-ygupgzwxD7wv5Dq2SeiwvPP2uLKeVEgyT6vx76Vub1CqUuDSOj1v89pwleg&cid=CAQSTgBygQiDCKqtqHFgy8FqIWtXWzDmakn57wWMvpCaaIjRp6kBArBcdgBjgatL3XkGqaQQOvglPFL2BWrrm__AfGSSXtqIlOyH70SO15-_7hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=4616080017104061000&adk=2975593758&idt=546&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e17cd97b32de1227d3b69099d7d14166d1c8b61e453a8cd134913a803f08b9e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11433
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0642 0
20 B 164ms
164ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=580699787413&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0642 0
20 B 164ms
163ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=580699787413&version=m202301230201&ct=77&x=1&cor=303992262618112260

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0642 15 KB
11 KB 168ms
167ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsAFkv1fMZwho3Sk_tnQKTbBKhge7Bo5VNif5ELegIWSSWeuvhP3PHlTKFbfZAxa7AaJn4eyBjf55M4qfRlCYNF86abS_jqf2rnImOHyKSmIptQxPMluM3KSPqrRkvxvo9hcXlnb95Mj4CEZmsVxOPUNTbKwjuY_yv9I0x_PqrGUzuoV8&cry=1&dbm_d=AKAmf-DGu9yh_mPYWq8bTnc0UAILXCaDQgbx86YlSLUYVODBh7ayCL79XVRrD5w5MXjQy06X0-hYqMSDrNwi9OY8fZ1MMX2FIHYLjo4_F5Whnr03LvYOB2rXOAWXbcPZ1Ip1LGhhuJOoWqw75KQ92bmhrgJKUxKesddoPX-aNM7Z-88iKtx9q3suRgNddiGnxLnzH4UIEjkZUopasxCMNw_G4k6IWcEobm2NXDxgmgBxbbr_aHPOVLLENGK4PFsErtOW5qPJJlRgvDAVw15oP6iPnGWk2up31l7V_S_dxCfcUIdRzkebd7tr7xYt1KUh56U9aJggQoSF1muzNK8yZm9MfAqfNXlCvhu4asX18tA-1vkO7KMaOQtoa6c8yHrpkNexGePNUOdXsiWyDommwb_HF8SalzxWBKANAgf6Ubv6xSaIIfdRfhLtDMsrODX3ke42yvg7HCWD71r1t3iOOIO7gNNMeTSEn32zw8SQ4mpcV_DptRkRlK8hBxehLFSmdNEtt7KJKdVpVt-26_hfRnU3GMhXe4xAHQjMRu-qy6TE5GiQrM1w-q3C0psKmmSORTnZU5qCtn5ZWwF2fNfgk-1nlO9I_bXIxeRTU4b7IXIoAgDIveCsEuXxK4TdTxdLTYbrxwm_vT60MZyVLpfKfaj_ij4U3RX7lJYMACeZUugdAw7out5O5nxJ_kxR5zvuBM4h84VLW6quIruDd0pQmJ2XwJnXjsrusPBXbSJ7DkfH2fepPeso5RA_OGIT0TsmYKNHySLMpNjAUOxnxo15xUXycA4RdZ_na5dco7v6KfyOILEl-GaP47fCFwnrq-6xQRrsqE6YJu1l7fF4IzO9VsPBdye5jQA472NhpF3wBsItM5wp038LMZ3Sag_ksTz5_eGKI_mdYxrQDYb6aHt-xKxKfzRdUaMXzn0Mr95rbHwIkGwVUSAAEv6pqe-ZALpqLK5UJnET5jnNqFskBY_xIdYvTOq-5oIj5TrD9QeUt6pFS5IKksMFToGNiXGoRVhN22F20uBCjFnwkF_XU7_AZHtRmZbt6D1vU4U-IYSzWP74tNhoEiA15_S013vKhvF0lJTnuUgSVHbiAL7y7hW5HLZtqX0Er-8M2QDpl8S_r_vfCNYJ_JyC0pKbwdCFie7F6hfzMFb5rc3ojOSJ8vKr9jwetW_sqB5Q4orwTkEvuKobD9zaWun4ukh4YjGcrnuMK2NsfRaCZQL1LvVtRorC4OErmTQ5ZALBCx_8M4wwU-UmAFjBEus8HtaLWILtJidRwABelXvkD_kx773HCoIqn29hDOWBUMtrsF5x6DbVkJ-JcFddwUS9fiDaxkU520f9mwK7A1PFd4ZEMTnReLjkD3UNMBX7gYKRNP7HAezDfp3wNEegu4ow12GuZ6kqVOcdV-bfWv_QVO6h2mz5r3G8NGC7Bg9bhsvVDJptZJRFvfxUNlckIR952dF8OMm1k_lMnL5xeIBTEkFeTxcV0YULx0yXiZqTMnv5LwO5KMmfC5VWlxHN51hSrx9bL89aWi34KqbxSyfcOH-SoaqNNRov-Jdh6bFwwLtNan8vaGrrf0nib7XBuEvzPDDH0K12kmg0nO-McuYYhQN1PEmmc4-N6buMbIgEJFnLjNikau9C2EJShqhfjB3orJr6AC6T02tFBwvfUG3dqjYf6E8c02_kPjRCMtVR1W2xWIOd9EBTd9KWJMw9u38qBZYqX-oEZi8dd74qM62FQjwy3FLJ_lOcIqi2USjEj0TK3yALRkwXglmvGczMQ4ETN9RPrM-bfJ5kIxD4z6dna8S_yJwHFQzPMkeeHRps0G-bVYSZDW3cmDvXjB7bkxe_X-uv_tC6kxHdfbYCXU4A99h_g9AUsK6SEWJhkCJbMczVdB_Bacjhdj-RD3Q1_tYu0p6rREfBLnn9p2SLtIXzXGkeDfbLO58VXrvD89HrgL2TfWzJK1U7PRdSDLAYR0DR6l1DkK0ep_0xLKXCkLhOB67IF_2AQFyBpr7ivtBcOSSLmAfTQ0LOqrUE_dlHWyU-C6Et9j3iwPSUCMqjWWwpi6ipReoJFY4gyPZAWEANDg_ibqaW2cMjr5mPCFyqWsLtwQBgs_r9tvXISEE_3DjIvfzFu5_pvZreccYj7MSsaGVNH2nuuF2CGnBKwX3nYQ7MGXZxGhCIc5w2wtTkoV-w0teQGAW_vGd0cH5r-nd8RJHdN2YiK8ouGpk-sLYWFe8QNpQacJfyMiuBDwAKSpobjAvTx3fnDNGxEICMeefLOq2M4G1Zv1lUjrBb-gkDvEwbULH6NNklsZHEKPCD33UdslpZ1x1sass95B4AdDFpIIn6TCZ6373gaOllAWYw7a9ei3RyePsxymztzB7WtX3OuJQAvD7mXhmpPA5AdKMLE6WlZIYuw7ZcBm5-vXNiARFANoeg9opdZhESNQRNPpXViuHFyd7sDRPR5F4MS7uFnmYMD9iMxEvUTqTfPEhYrBacuewZpM_Gslfije9ljr5s-UaOqZ4hqbZql3MStT007DnNX0QSMF21wdAA0JNDLki8PZS92MQpzRP9k3_nYN-rLoJxFgKSmpPp7NkqMFK_JO9tIzsg5Qcxf9GCib-gacEcvk-cr1xeCfZ-vcQxniaLxeeBcVo4_qMeVJW7SQqa9r-zHQJRdvIh-DHTZmhZFv5SU9as-h7ny58y1ODWbXwJmGomxs2oZXcvPm5EvYqSMIJakP7MugNrq9p8g6XLluR15Wc1UMkZJL2ZDaT-1eBbaUUjMheu1I8GUNdLr-s7wGGdPW1Qfh0fwQKZ_ReeOKesr5BQIyMg3Bs4buUtZt-7u5a1DvionBsjTpne5-EEM2fRvPhlWmjCXIJ2lu2cg5rWIV53wZ3rUwt3HUwsn_eKTHqM3EoPEMO2gOY5KiwbybMyi3_PMuhYnUczd5sTweax3idtVbswr40VqNuyWNdHhRFv_T_uOP2KooozSNyeXOo2jEYFy7LZ80QU-e8XLyIrMl3qxkmddN8Zi1b6QgKiy8h0L6QgIMh3RQ_7R5EnqTcddiSHHom64_T7dIJ1vt42XSlz1ZXcm3R8KD7yRuDC60p-yRDFd4cxy6ph3OTkSTax9XrR4iRBMClp5GzimVkv-stC1-kn2c0rACxYp4sWRI_p7FCxwWbxWcYxcEDRabmWRBPv-AZvZsE6b5LjWHxzgzeb1S6EQUt20Ca59FC49a_WyLGEo1oGvTL-gLgmdkGoVXululfXtoiAVtfDaEWSooUyex3JiH4LLXkXvZn-TZaF8-vtGo6t39uDCO5ApWGmfNs54zJG18Qe8bMriTmNUruH4HML5TCkF7nuYqgD011uCCvsf44OvRLPLjbdAdyiSb9BVsNwIG3KSosFbuiFQEo_60tbr2VwZPcijDFl6aEQrnhx8oLY8hbaDPWnvGa3fX-UjFU6-IHD9nQ5AYU9gcfBKmpeAgvxymWxDGFC_0Y1dJ0x7kmfbKJOCWc041fFnrGIoTVz6o1NBKTm4WHxgUm2A4EuvlYxxx-8OjVanbZrRmh0QkVhgD0YrCVOURRG983ukerCks1JB_JnAXA6-rwviHVmxgB04elCVxpMLI7qhROokw9xvx_auBzVHdQaatWjPhfogKfrlWGLbr1ZjczHOIDV_3kufHjBctAzsP1iztFgk0QdG3vRh5fGcjM8E0GNWyzvK0h586_SfVZfdcdrBpjBIGU-mbQjEa8-4eXhpCQww7fxe0YUlaxo27aS8lgAN6YCRiUvNizYm3ggu9uvFKG9P_1qsCr--wEyi_jegIi4-cLB9qx4dINuEZ6oJuVL6w9VuoGkTVvLe_rajyH89eLl8ZQfPM-h0BPBKlhdVb8RXYEWfh9HQCGrY8H13HYv8Fc-n01UK8KepZ_1zhT4q9v9wmVilZsRmB93O8fm9pEJgNMMTadgBePUTKb7u0mxcWZm5sKMDpojtopljg1FlZvDPQqx341klA07Fo4w6cQ9B6AGoCj4UI7RnHRqhiiHe66KXhoSgn13uOYQ3Lhl8ddzSUbfSKX9olCpk052vBMW0RkIkTI-5UG3d7whaQAGnTg0GWOGq-tpT3CQxV3ztYWoHXSlwG_hcCj6WxxsGeq3c5xHPEmPrecpFNPiE4DuEdb2OO0qm9b0oWJ1nwrc-ir1GXjsS9VORmZKMqI-VAz1bIXV-LsxIOpTxVkYpmYTffuhyeQZDcZIKlKrefVDr7c8Fhd3AmWI1cGNwG256HmAC37fmudJlDyU7d7OdmA1ZUtIzMjCdVziLKQXc3Rh9qbpGFO2EeQwb3HKU8o7&cid=CAQSTgBygQiDsHxQLQvw4GugA-9FUZrLnPzpimeUKI6a7qdfzx2LeSXgfko2yCrSYZVzYoqtU1XZuPXs4EKP5vMgw27k87zdWFjKGAQX3R5IOBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=303992262618112260&adk=531095043&idt=551&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e53d8bed4c59c8998739795602f58569641716f1cea236777964c1771e0b2b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11200
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 1439ms
134ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 28 Jun 2023 05:03:26 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 192574
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
387 B 136ms
136ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 192011
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
543 B 132ms
131ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 152 B
819 B 188ms
171ms XHR
application/json 52.211.103.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.103.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-103-124.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: beb5cbf247c248eddca04f11beaac4736b3ba2f3b551357e96a2a9dca4ea1a59

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.11.217
access-control-allow-credentials: true
content-length: 152
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
649 B 193ms
193ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 65eef217d443cecde982c7be5248ec37c06e91602cd401712072bd6e89136e7f

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:25 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Fri, 28 Jul 2023 05:03:25 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 1584ms
196ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 1595ms
207ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C6D2 709 KB
226 KB 131ms
130ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 80480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 06:42:05 GMT
expires: Wed, 26 Jun 2024 06:42:05 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7130 44 KB
16 KB 166ms
164ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 05:03:28 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 1538ms
196ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 1549ms
207ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 6932 0
234 B 3194ms
144ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljf93zjo&c=2183950661435&slotId=1091975330717.5&qqid=CJvj34aY5f8CFaWW_Qcdpw8D-Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6932 15 KB
16 KB 400ms
130ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 302351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6932 15 KB
15 KB 468ms
200ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 351179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6932 0
20 B 168ms
167ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CaeQXG7-bZNvpOKWt9u8Pp5-MyA-j0ObUcMn4wd_WEMCNtwEQASAAYI3y0gOCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBBeACAKgDAcgDAqoElQJP0AVm_UXrhSyKBF6xcSZcPLkhtRly-pcqOvSCWjNT4pnGky-MM6g0fI8YnQDtb1CKzPavdtPtgdBoSYzjQD1ADwuBcFeKtsCTIwN_ts4OacrKtFgUk3KQ0Fzm3gQ8du906CrFwhEn0eKV99Az7nG1omLEq2valb-znInsITptazPkmXuynRXzHi9bCN_4fFPx2-ukg-7RLrUrWM4sUU6Nywzz_Oeu7qfX9f-zWTwr9K65TwLdAWn1-czScDCk_n-UsNK9tyemOrmmtZFTAWD6p_4HcDp7I_FOQdW3mFgJPKYEAWVkBL7ELzzmFc0A6rIbh0lCEyIfZHvF_ziv9-m06X5YzFHCtZh0puHatfd5Y44XPSAf4AQBgAby5djI3bq-_qYBoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1687928605830&ai=CaeQXG7-bZNvpOKWt9u8Pp5-MyA-j0ObUcMn4wd_WEMCNtwEQASAAYI3y0gOCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBBeACAKgDAcgDAqoElQJP0AVm_UXrhSyKBF6xcSZcPLkhtRly-pcqOvSCWjNT4pnGky-MM6g0fI8YnQDtb1CKzPavdtPtgdBoSYzjQD1ADwuBcFeKtsCTIwN_ts4OacrKtFgUk3KQ0Fzm3gQ8du906CrFwhEn0eKV99Az7nG1omLEq2valb-znInsITptazPkmXuynRXzHi9bCN_4fFPx2-ukg-7RLrUrWM4sUU6Nywzz_Oeu7qfX9f-zWTwr9K65TwLdAWn1-czScDCk_n-UsNK9tyemOrmmtZFTAWD6p_4HcDp7I_FOQdW3mFgJPKYEAWVkBL7ELzzmFc0A6rIbh0lCEyIfZHvF_ziv9-m06X5YzFHCtZh0puHatfd5Y44XPSAf4AQBgAby5djI3bq-_qYBoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6932 0
54 B 3181ms
145ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljf93zpj&c=2183950661435&slotId=1091975330717.5&qqid=CJvj34aY5f8CFaWW_Qcdpw8D-Q&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1k2&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
dspmedia.eskimi.com/ Frame 6932 9 KB
3 KB 1702ms
147ms XHR
text/xml 92.62.130.178
BALTNETA Customer...

General

Check archive.org

Show headers Download Go to

Full URL: https://dspmedia.eskimi.com/vast?e=WDK6dtvhiPrTxSO7laLcPF4AvwD7aXAmi72knCZL7ooCmBpCifW4CTvDttJyCfqoMS_JIZbIfGsoTXcHwkijXeddADD9cNQQyjJvz6oHmHSyfvuVKaTaZMKV8ZOP_MnojKpxd-ewsbVOfj9dEgyuAgY_6ThitmVG2mWLNJbcCgjNZrr3MoigDrA4taknUIdRAPdlPu6eTXDs4OkDGaRYvDFtvFUKf1VHQ39WTMs1mZfrMvLIhpBricnxcX2-64LXUWDIL8y9DgDMDZtjxr55tkR7zPIOsyru3J8rvWmKHWovaz3XwvrYFkbQ_b6TaIMj5OgDmMU5uHUkl3_J-R8_YNFeakkNd5xfPo7__8cmbcot0gka-dMRAJW2e7p_GDhjqLJtsJnLYvWJrVjXdVtvktIr8IXsYWuzzvxX60EbNEpLx1Ydd0ta8hFseivWglmOwM_FRHyX5KY9_UdcJGMLk35f9JNdodc_-z3gFaMD6jhZqvBl0PaBeWwr937EQ6A9zizY_47mPqkyyAAvwvr1Ihf4Uxzlq_YlSyOzDUgG-q3H1GTkjaBWHZbOu2vQYapUXqwqiYppW42AqfE3ejDYEc8Tj6ZiHrZM0nFtAON3r-PSb7PFHTfbLINbrFHG_l9ncZoNzk8hx-vKXOgGU93s_fd6sWmwj6CmVUi9q0CPVp4IDtJwegMu-oW89DDOjYsPStjEPaM-VBrbp2VyM5lcsD-meIDv3-J_0WAUVoHLSEPST2PLnUmWVbIyvEpFO9pvV0edgUizgNzdZSDpAC611HT6U1xA0SkIJUqYglpto5SO3SCOBtQxwTVvxIIkDtadgW-BARa3r0DyHOAXNdqVQYS0X1ZHq1V6LKhyWHVw5Gz91XDFHJM-wWusxpioIUUl&p=ZJu_GwAONNsH_ZalAAMPp3sSuUyjnDyoAthDJw&cb=799066699
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.62.130.178 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software: nginx /
Resource Hash: b8bee454b11f0a4a8007466999ae2acb69f484d534a78aba6ea8585c2d9be60a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
date: Wed, 28 Jun 2023 05:03:27 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.2.9/ 445 KB
83 KB 144ms
144ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.2.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_1/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0ef96616448b6a5a85f613193f68ad3f98957f5e2dde7fc4cab40d6c2e417238

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1687597267
date: Wed, 28 Jun 2023 05:03:26 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: J5MQ1BK9YWZVAMXC
age: 331266
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687597282
x-amz-meta-mode: 33188
content-length: 84989
x-amz-id-2: vvXM+wzywQ6lI2iZzxTFPuT5VLQ5MWHQ5zRgKLLINe44kyKO49+PbkfesO7J2/M5RoCfIcqhEUg=
x-served-by: cache-mxp6942-MXP
last-modified: Sat, 24 Jun 2023 09:01:23 GMT
server: AmazonS3-br
x-timer: S1687928606.054731,VS0,VE0
etag: "77c5190f6dfc562a1e0c9f7810afec20"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 189716

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FC80 674 B
759 B 152ms
151ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_1/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 28 Jun 2023 05:03:26 GMT
machineid: 3401
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F8C5 17 KB
6 KB 150ms
150ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 05:03:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6932 0
0 173ms
173ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuPESG7-bZNvpOKWt9u8Pp5-MyA-j0ObUcMn4wd_WEMCNtwEQASAAYI3y0gOCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBBeACAKgDAaoEkgJP0AVm_UXrhSyKBF6xcSZcPLkhtRly-pcqOvSCWjNT4pnGky-MM6g0fI8YnQDtb1CKzPavdtPtgdBoSYzjQD1ADwuBcFeKtsCTIwN_ts4OacrKtFgUk3KQ0Fzm3gQ8du906CrFwhEn0eKV99Az7nG1omLEq2valb-znInsITptazPkmXuynRXzHi9bCN_4fFPx2-ukg-7RLrUrWM4sUU6Nywzz_Oeu7qfX9f-zWTwr9K65TwLdAWn1-czScDCk_n-UsNK9tyemOrmmtZFTAWD6p_4HcDp7I_FOQdW3mFgJPKYEAWVkBL7ELzzmFY8CyyDLd_kK05IMgauFKsCh1uNz41BARaMK9U2Gb8r2rSWsy8bX4AQBgAby5djI3bq-_qYBoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02MTY3MjM4NzEyNzI5MDMyGPeBEA&sigh=56ujBUg6FFk&uach_m=[UACH]&cid=CAQSTgBygQiDebscbBkGvfT3w5kodLkWIEp-_M9xD_zatG3G_8YxA8g51uDZfi9CcejtlHHWiRKopYq62nUsNa2yY0L62z6BOCMAo7Oa_O9mYBgB&vt=10
Requested by: Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1B0D 1 KB
643 B 132ms
131ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 50344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 15:04:22 GMT
etag: 48472445140208031
expires: Wed, 28 Jun 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 96A0 41 KB
13 KB 135ms
134ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRxAFpXSkx5DUm5qxic4RLMArcgHqj1xYjcLt3sqhTh2SZjHJP8Q1DW2Pws1NQcK-SK7OqF-mrPpu5IM1jVN5jZBZ5zkW396NsYn6BxZWfnb7XKFnMvFSzq4NOlGTmRdlQsH0wEMMEr2pbiXlKUNMmlj0-9mijA_2oUQQQfS3V50sm3zg&cry=1&dbm_d=AKAmf-CaRzRYflIW7fs0SOEGGrrXlhXlv1GIOuPGZJLIMXheFM1Yk7zMpKBdj27oXZoVQTNhYbs0XpGjFNsOWH8Fe6g9oIKNY7hYHy1lkfLWm2lBdyzReHqCJZrDq4ABiM-eEH_Izrix6KMGTYb67tNAFswqfC0QdCR4Hjo-662hOPE1p73RLEUW-BzGWpO2WAJ2KGqrRqrD3xGShJzCd9b0971O6X9tRqfr0rrVfOIh_KuWLdD9O3yoXhfahVMmt6aF6DLeyP8hcEoKZshZHoa4JL36KqaqfBehQsvYkF4j9sjmAzIdfCuXzi1tYyi-rgmWgbo9Ig--nbM06Al7qMSwa28bAir4CyJRC1mfbZknrdW1jjtpX6Z_yKT2MhSWbfsmaFgWIoNDN0NibLxseuR0FFf9erKySjNVdaAOgsfFKVVAwQcLmNfI0YM5JWUMppEiyvXdrzR4J-V8DGJx1igVAIVNoqG6Z9SXelwSZtx5afs_mRkXcoKWUqGuszjVD_wNDMofI6O79I7x5C1-VWQyMB_RTFY_qmvpPBoo7rjTggMTsmD8BgLBDJ4BWdSaKR8rGxsTNea5CdxiRpIik_zreSMVOBYEAlCMMH8Z_NVPf772G6v0Hm6EzjOyB_KSGjM9d6Dy5GMIjg8fihyQMVNopqvvVdn0k7kj5NKGFqIyartTg_BKRZIOIK6AlWhT7rAbKPld2WSyrfSqQoovvjAA_k-Qwk48tGirnahre8TSfz9hV6n4h-umfwRB8ZRJe4vXtDfGgVmutJaJzN9RI1iVhI6cgYoYaYzEYNilTShy1ajNX6X2ZALqfh_kQCWm4Y9j5GzNEIJdS6pqpGFYbAK5RCZqhrBW0dAQTUJAgymAjL0VfPUmzyvnFnPo5Gm4wrtAneJ1iS9xduMV6V4Cn8WU8X4qMQjJDmGkiVBihZqlvlxvBaJprcJ1hYnYqZjauWuNIXbXHEqiA3D-Zgr8I2VCU4g7AVlQwaChd9ef6gnxAoFU8n7Zsbvo1Moq1y2fj-klNx7NHyaNpL3Jjk0peJYTmRw1Z6_UoyebAeBKJGMvPrcCEveY4bj2-yit_btJK9lxUz-Ffp-1VJ42uatioNMvhZyUn-OIL1cUDdVimvIJ0xk96XfptsAKPBDSfxpnHuVAyWbjckWs3XukZzWB65Jn0SUB_T2-GJ02D7Q8IVqKlkeNvkRPEBIrtWfCr663WMzVvt5BL21VxN3udDT8INYyqXX79NaUn6_SnVChxk7M_eaQ9mQpi2yrJWkRUtxoDUUT0TJGnNmbbIVl3v3smdvDP4SQmE5Xn5KzTlpb5nRigW9-ASum31Nw-UC9JlfGTQEAaGyO2L4fsslumYqRrGV65jDI6yp1hzfEPq-eVLmn0ifCwe55mJC3FBBn1gnSSUqlHFqBx9StDj-M0c401QNeaQA5RiwkZa4oifeYxwxW56PlatlBBZxrgWquaNHG2L4iM91Htded4u4NEk7Ghl10W8WXiFhin9HsgfOSBvSiJV5YpegLP1v500--r8LWcxN2DnPjldZeBQOO7QwsJXj2-N7FjenYvjJVponsds8rZ4EwspNG5GMOBsbGPgW8IzsFk02q-xKMkY6ZkpGZVXQKrCGv9yTx_06JmldWDB6ZWSHnSzJE4LqWcUl5IGlrlsos8p8AADzCMy9JS3ia3EE-a_ZAjJxWfquqHSLOtrY39IVkABHGG-J05IuZgk1TSOBMAGV9cFoNLofX4uzOcB1KVvNBqRc1Sr18z3Hs2H_vbEw9N5er7DZYfZuDfuvXWVLG-YkDv4IPbsaNOQWYYSQZDV_xg0gSC8_nxGgV8V_k_NIQQg1K1GkO-299GRQ_I6T0JdeumRBFVOBGH0uHcQDE0dL0ZyRT8g652wcPyuTDzxNYd_RMkOm7J_hrJ74g_zXNDZA99wuVqRFjsajhfVXxIw_OkDOR0k6nZKhDnv3DkJ9UVNx1cSxR8iX9SlozjJ5Bxi3S8v2SGGmh9wZuBJZGOxlU82qYHqoSgqca29CPp3cmXqgPg-EqR_F0GSO1ht-R9wBwBITXKZeUotEd2cyWoeVe-XKChHog3qB6xlC_DS5mRZgoWE7j8FqxDUBIGjqqRMEKW6zTn-JVWkC444g-zLvpsc0PpnIq6g6CdpEHKK15wmptmjFSm-xfBhXSoGT176keBwfBfAJGRc2-Xm-RxhSoOJ-tLd1wfKqFuD46K0nnjc2ZPmsSFe_AcI08H8q6vUG_Xnurn5CfBx9qKoqunFCRwBXdC86ZpP2C7o6cN0iQU1taNHGq-WoO79TKiyjNUk7s5qypvdkFyeylI2LKR8QIdC0xwjOyWs_hVbwpmLZT_bKIHiJNiT0fVNCZYArMG_cFXdIf-Vw3A4y2oHOoX1FLWEas0iLfOfz2IYsW8CG8JbebnJvTONP4Sz_7mBtGx6qNhlUKyVwAlXs3IJtxCTNcdiu-C-KxJ5TR9H3tJU6PXbin22i0jhzH3RAxfqXBqV3hgVwwY1CPO6w7GTRxLiOdzEGlAVVD78bTX5iVI0xKEWqMYkVnBsvKximVMqA9VLv2VZAZuMIUoM8CsGNqiLoG0Wg2TIAT_3xZsDlVtdsZZxcHvDQMtH45DeYD7sZmvHvIy686NGRI9AtjSrQTb4G2svl0rbN4txLPhpJtZz1vEjzbFprxvP86KSQbb55msmHcVM5RXHBgctM0EUTZnX0efFcjMWkmwMnZOUU5H0jx0DCu3yzsm1gwQLyfWwvJ89MBBDfRPdcWpX98D6TrQcz7bd6uPnuRmZXjgRvitmLMLCOg7DiKD6Lf7HK1C7YSpa-hCKULQWlx1yFxk1vunA0lXX1dcPRriqMJliKVB9ylt6hNGHtHj7OLFC8PSqU65KTfyyYAWUgf9B_3nG87BeEN-zcTFXq1vrF9041F47OZ5lR0zTiEdQTzJxD-TsY-PzkPMp2YC9MqjiOZTb_jsr4Ov9pwnWI0RiAf2ueaSagcrqMPKpxVQfXuN935GbpFO7kcdrNHeOOH4JlHWConrJ3XsEiLQZloZMNyqkn8r42n59BYC_6i9TUh86Xf1Dgmp_OEFWeKIGdm-QZa-2YBhnM6DyjDaaGplVdJR0mwrd4Mm01xJOd-b-A1wAZ8Lcm96URqnsBpYuDdtK56-SHPFsPBFPpimOmBpcZ0pu3MvU5zb75xGRv9DxJCqFJdHahOUduf1HL4EKKvpYLv2hGV_a3Yg-IZ1qRau54gG2PiJ6ZpYlZGgW1LzIq7q40KWrqq-w_3RjZM9ghM_EQF1BZ8Z2p8N6BNJxrCNDbkRSSAIPuqDZCF8_4mtK63I7AGqO0sKfutnS00Gnpx-Z3ZWbTKm-aaELjr4yZfdVuIGXdKz9PYUVYxFfaGr1ynxJw0MEMzyO9YjpIbEKd48SlMyG_sh5uW6edGUHE-QfiuqUkDfwu5PTnV5riuPl_FX9IAOGYUDMX5FmStwzGwcPMzK7Xad6AbF8MTLy9Dip_avS8BCnHHgOxQsCU6GMpfuY13EhYzRkoYjxhCMXrzrDZlLTw8pl8rE5pL2HS7c5ZHvnhMfQzqXMfUjnVzeVrlMMKFMTbTfNT6l1SSCMGOxFMmrt8wAkXoSiU1JNZr614OMv54QLoPUqeOxL1BjpyWhzVKRNm3ee5KxUpHab2YUHNJ2Jd6d1Tan8oA8hOM0dnxznO8lDDIxp9HGlC94G_luMnkeFqYJVDaiBU2dZKsKuxsS9aB6HqQYiW_Uq6ZPTZ82raqn9w6r2IacHD80_ie7nILr0ZVnpc9XwoDB28S86mlFDyQoEPqGR0exhCir1DggpiCH5nmtJHlOjyHF2hLI7m_LleA_vjvb-KNprzZk27e7dG_Rp2xB5iy91VUc0AcHKpUTjBDLYqljSyVTrg_Kh2-VWbEAu0ZlyywWfGUr1HoEv52SFMgazV75vpVV2GbgLGspP09vn9k9REgsmOXIrYnpsQ4ncJX5AoX0FzwxgYzdLmxe6ADWGD_rqQBD44lImGlbC2nYFbxvVx3PcG4HaoMjFD3-MSrXuPtPC-mRqKQhubImOYbcs04XPZAHBV2IEAI2FjYClaEKyQ8FpakAnTbjff2bmJWjQY2ormMlqLb1KfIH3NSKgNTTDJauvUlLx3XFW8Xb191d8TPVHhDHhLrs7HJLxRil605s1i_sWViToKA1JYH0ADexyg-ey_SLMwuhxU_qoK-qSpLyCrnMluN9NODU6qbxHMIeQbcPOKJAOxLbNbbOpOpUFpDLfoyIyyA65J9M7mfkfJRzdr0nADDG2MhgjIajHmT&cid=CAQSTgBygQiDJ56_gquPsRlz7hP49SYMRK-4GuAmnhKnSiQ5iPlpnjjdAW6vadoblW5fKIGp44qjRnI02NIMt_Xt8um7IxhmoZS3snEIn0TsRhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=2053284010352760600&adk=4020099329&idt=560&cac=0&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:52:35 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 647ms
132ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

736b2c4b73505c1d470f24657e5fad5ac3da245c41a9734ba6241e8a9daa7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 161ms
160ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.sanook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 28 Jun 2023 05:03:28 GMT
via: 1.1 1a3a682cf8d843fe52f3224f60584fac.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: MXP64-C1
age: 962914
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-mxp6942-MXP
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1687928609.880275,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Fr7HowXM-yDrL3QOCMXEgtHD4_DD4oO_zXSggn0QqPq3ih2Kuw7ceg==
x-cache-hits: 222321

GET
DATA 200
OK truncated
/ Frame 6932 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 724e580198448dffa92f0ce0a492872fede68b841786ff45bee69a7114ec15a2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7130 42 B
174 B 166ms
165ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNODqmtTS2dHba1_mk6ILIz_fsHWf428CljCH51IwubBedZxgxY4KOwSh9FiPIaVcJ73ikDLvXru-VTlIjgswnjXpEHZKUJlqiNHGGBqWQK9WfzzvF&sig=Cg0ArKJSzBFA8s_ymuIEEAE&id=lidar2&mcvt=1080&p=1078,1200,1303,1600&mtos=0,0,1080,1080,1080&tos=0,0,1080,0,0&v=20230626&bin=7&avms=nio&bs=1600,1200&mc=0.54&vu=1&app=0&itpl=19&adk=2732521762&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687928604197&rpt=788&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVHCTrFmlrfmskY_zgtLgTT9Fp7d7ph-fGNX0qXkP25BxGhKNm7JxAxQHTyq_ziBchrj0qr8gn6dqQh8HfyUlXFnYxNO7FWoGrPfygRLSWkuxGLXQi1Igc6N35iU1kz0Zu5LQfEpw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 421ms
154ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHCTrFmlrfmskY_zgtLgTT9Fp7d7ph-fGNX0qXkP25BxGhKNm7JxAxQHTyq_ziBchrj0qr8gn6dqQh8HfyUlXFnYxNO7FWoGrPfygRLSWkuxGLXQi1Igc6N35iU1kz0Zu5LQfEpw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PkG-gUrSYvtfrTz-D3KSMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-PkG-gUrSYvtfrTz-D3KSMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html5.js Show response
dsp.adviad.com/v1/ Frame 96A0 14 KB
4 KB 444ms
140ms Script
application/javascript 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.28
Requested by: Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3794
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIgdQZD91VJnFIBpNjDVxiREBZwe6Gt4TwaPdqabzG6HO3nmbXY475s6yo2Wh96THqFfWx5Qp6s4VKXr4Dw5bgqCnp%2BwwFUwyIsjrJ34N5oH7Vby0Xm21YtF3dcaQpfz8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7de3621e6e762bcf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CFDC 1 KB
643 B 130ms
129ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 50344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 15:04:22 GMT
etag: 48472445140208031
expires: Wed, 28 Jun 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 96A0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7605b0250e59534bee9ac378c7b01556496f8abeca4aed73d27747c9f0dbd4e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 1240ms
202ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A4B 41 KB
13 KB 137ms
136ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwM0l4vcx4LQ0FmZp0D29Xoa7hyqMgSDOgae7PfTI48WtHyBtsqthLh9Y7FSfrONKZ1zx0XLhr8Zr2gTj5xD-rWKqlVuCXIfLDvduhjDsAglggSCFOLeLej0XuRktLNTp-pcPwzbhXrQz0e24oIMiRClcowNH_gl_28L9jDuRZCz1IjLs&cry=1&dbm_d=AKAmf-CRZrfTKdBV9XVmJTdQWPsZahVHHo3TLtHB9ODEAsRYm7_tzRlKdjsLK58DFnoczuuXKeKJMHMwOwlzf1R_M5xkI_bJc2_f-4xGLXKs0T0iv7fzTXbylS8i54uAapIsRU3TUyVOMG9-OV6C-xqYuZppsI-QMM_ZOdA_TWyr_0Vie5boC6BLw9lWLXd1LUpyGD_bfKRXjou_-4HwtmBFb2saHP7GoqO8vDKVDbVdgm8Ovyt1FdU3SPcWbCUmcRfnr9poA-wBnoiyj73w6AC9kh-IeVamim8MndP1NLvavF_g_IZJq_P5trtm4_bR4dRK_Voeu66NM2bpoP9NYfYZmmDqLfK9TAm8Hi052eyVaJjakOfdIfq_hvYdRGSqv0RF3TziEAnu1Ik8oIL0N4A78XCApf8gcaeeoPvjFJzkN91Hnsz8LNboybYhJAkzfZ1LW9E71a5jQX7gyxNQ9Uw1dwjs65G6qD1J9FoTJoJ4o6HoCFCK1udYCIhs8uMbyaBT9FqjX4ZVkTbGDYzNZGcSii4UMl96CvP0q5V-twv8T8xPRg1M6sK_pmTNz1DppgogMXwAQylYLLzHel4Nn7xlTZjPfkd0XGytZWg6ZC4Pvp8RzBvHTMAwB5YsFemjdbiPkXYu1Q1WOFRcz4wGNUui7r8QSZ1Qrupvs3Dbyokc3LXfu0Tof03un1uoUeTFbJHx6lLJpwY-rrVOaahuHLKELV7rPK_ExisIWJcsLmQZOs3_uKPqTG9X01A7TrLlKErstgbA2wDhMPYi7KpFCyGrEUYB9ZMo_5RztuwCNfOLjtIY4WW71fsv6Fx1x20sehtT1kOvKDN1DjynpDWaSMWjlmfaggm6gi2XfFvylly4XjQwbVMQ2H2t7DoQGdP8_vwl9fOxvF9lVH76do2gnvknmn5Q00wdBZrVrxti95OwDiNIJnkldv_tVhOj2NWuF_fTzZF4uTJ07DDQYg2G98MxMr_U9PIv75DblmDjFQhW9FpmjWUh0RPDeixAndQdt4k_JNmNEUsbYLUAlUXvPWYUV7kB5KfH5t4Q9Y6mglVO_eW3rh285D07P3TjaLqHUrVa6j6ZfcuOAYcoblNvG2_kqZoQO8garFiXmmplmhTv_-D6lG9MPp4NlJ9UUbr7arEczGqaxHZVJ0MPJws0LQ-TSSounqu8kw5YH41MLCkXK1yTbXUY5Ug2bSbBEE8dhxYFuoCUJVbyKNzmMC4qwzl4_fTfzsSTvDoGIPvrlXsh00RKsEM-YDM-0Uz90mkGBYtxppKIjGQpWUrFm8tIarXGuP2Q03ii3YmnAv1ZicdwBf0nGyAz49EAwDsD5EZI6KAp2lt7sQAb4iKyXhZcpSWywt5T3mjLSZbzM9ts6S0uxbL_EUr74WQ2A3l6UAJ5X4lxEwkrW6tMLuhrzc3pUPlPcwvZY9e24qDvRZr7rACqv6kyJvvWcj3yH0tsWQLgZprUIjxIQZoC0iyDlsA0WYB-6JX50gMg4880bZhVKhZfZNyi8LWIbJd_K3cvWLlInXWrhP3Qo0QKmByrr-nd74peGXakww6-PKNtuBbMz43hF1pDzLI-IWSuRWJ6Qu4Qbrqp8Y617E1oZAOXGO6I85ZAfZb2V-ez3hV3_cBlB5E4_P4a_-1W61gaJoEG1pva5efaJ-GynN6siEYBBWL845087ly9s2Kxuq7eBEfivu7COW8qkcsBirMhAemL-UfJ2-4zscFMatvgjnRs_lUrivURHS16kRiGKT7lj8W-TPxiXpX2Pa78kE3hc2eeXM24_zLT_XxqOkFsnWX9QF2Cvc7FFI3EK3CgVVGmSVtaI8sfEN11REzYS-UtWt9gBVEL5UKSpKB4AHkfcaUPgiwGVgH2Q2WBvzhbIEzAi5lMDDmNHwJf9b2wtNalGbgQzqRamMlpi2Uia-pTgpMdGoOWitaF_nOqERlaLm130DZjKLTyWOiYBlyMNXhvhF1C93ME_79gZjq8XjUyuE1Og_oByN_qDwJQtoZO64dplCaJv9QWfxVE-vMeJuSDapNe3ZTwccnrRZEOneKPta-EKSqOtmtyn1H3aZ15AqHebRXDCBWXCvefFwD84mHaY5Thx645iqQc5EmcFgvfgEckCsKEHdb4kgGz72JeJhyhRS-iGS3a54PSMudYF42mgpBtFuQeWGAlX4VSo6LxB5spHTPP6kZ6wpvSsXIvpyyIrw_PXpMw1tlVd5jx9zoHbCJLcB_TY7orG0MlnTvgzksdlszYL7JGGHot2Ltf47T5XnTbEm3fTopBxpNNoawYxBHoxTcr8cxNTkVQ-1PvPmgqQBihETvEPIzNg9O16zhOcxvOQSarRgBfPhLGRMUjkKWwSQ92UJ61gGeKUQEw0jBxsH3NqKWS5WfQNkq-Z-iteTXDkaGZHo7hhLiGAnyWyM_LjyljBJ0BB95fqOB9ECHb-juezBiMyFN7H3hIBMIbXPFy9w_Z_JGRCxVgkk0pDUYtvEqYvb3c93OoNDHzb6m6-mUmYnwrIZua537MkBq9O9UPwhC0qHTLO0CFJ8Cuuv9KrdPCvuSXnD8mZGM4euMKVhYP0l454jeUXJ4gXovUL6_A3hKeOjGqv5p5pGmQSkN23tAHBOdcxvio04ZqoYyPdLj4FaHPsbT8dqM07_9HrwEBEGv3EzjENV8QJPhmrnYe6Q4aJV2tolQ5cE8CiYmVr2sr2RPy3OMVrUhust6oNuK_FaCsEnF6FOM864NG0FdosCLhA84mrH5R8elxA3M34_Qm06v7fGhZDg2uQJrmE0yOuLCxYT559ZPXJ4MEBjWZDRHrmxBFvm7EQF5Tz0_CTVTGjBF7ZGYyFwc91bSoyTDL0Jv6uMlTX002CZw4hXUMH2UftZYyGAQmw1HuSjEp07p4bLSX-NrLDFLWeqtvZfMLqxYObger9_jGWyDdlYKtq1tZ6rYdj4E3jDt1Z_tjhqXVGuIYxErGgPObQMU4RNBHzqbZZaJQ5yl3k2PPdq6IIB6-fE7IhwoRWRWYWaUq_bbxt0Znpvy01MyU5LDPmYZgug5b16gZ79rc-Qlbd69fiIm201ohSizDHpFmkSnUgYy6-RrQEz9btmsL2FUoHiyZ3xUMFMObvayg2jCulHnRC4B8uVbiEptMLaEgG3N_fPIL5i3XNcoXMxEnRAwfNtR1yhufHhE2bKhzpmpTSfNOVsLO7Qn_K5hXCNGEEPR8H4c6-U9-eLOVn80J2xuBXjn6-P5QWYp_PgSKT6WZynITJ_CPdP9-T1wNl1d2sBimTPyCobdzLiyjkJtWTS4HGKcqtdrVUSjm8z3b5xjQz5bcVyrBG_Nt9Vc3yz1oDEHvKnQqOx797lTiUi5aLuYt56fl61Ccu3DNnnFE5EkVM4CUc-e6HtI5x4auVNYeeuTnUHI08eP5fRxv8GgwSILE9IaBasYhoyhI-0VYJSh4gkYK00A5TX43a0BpB4NTIq7ThJ0Rdq4gs-M4kW4DgJCRWIGhUlT87i_aEPKH998NCV_eEZ7UU6HkUAtTItYRWhcE4QbU1kENjc5BziVygh3b0QaJfFdqFfRScrhONGZpPkkMZvSzClIq6_iMjsPi-qFI4Wf_hapqeyExp-KHhE3-LocxzcUCUZWIDAjpLdPe_8SPKrkHMaNoST5WTxBLEH22OwtrDUlvou-_6pqY7qZDbEYxn6OQApcHLZ7Bifg7f3OjtwdN_SonnSo1YygW9LSSVBLkqsxS8mMDpmFbtOKOUprAU_OvHMI2sxywppvAY9ZDQAUZMJ-QpCUYVC6WpltHd9LuXSrlA_MzREzBT-n5AKn31B8PXvOu46WmxFGvstjxSxb2K04xkjKvjHnxz1NGBzO2H3OfhlT_htj9B2KnK6Q-JaF_vHxrbTqZYZ1rry8asJVujIM0L0LExWpKn-UkizNX28WRhtzFB5meWYhZaw9yRJrHopKyNytlxeYnfm9uQ7oIVxnKXbZqcoURChLEXJ7Sy66VVzntMjWGRtqpQ4e8iglintcp2eqhExSP3gi2kTKvSWivXQ8cU2kl_OenYIqNy4kjrxbRRNzZsVoKivnORCxKuPy7yxML2dvbk3d8dFPjNh--Y0fb45WYDgROrbiuSwYU92ZGLV3BFBykRtIotftYzdh-RD9whTkgFLtT1NuTdlXY3R2uf1DefDVRyyaaPlNRDixJ3Pddb1-vobmdNgkbfBBJq4qQZxcdBX8I4u9Gz2HMUyzRn-sBIyJGAcSiT857P6pGkNkhxItmA6-ygupgzwxD7wv5Dq2SeiwvPP2uLKeVEgyT6vx76Vub1CqUuDSOj1v89pwleg&cid=CAQSTgBygQiDCKqtqHFgy8FqIWtXWzDmakn57wWMvpCaaIjRp6kBArBcdgBjgatL3XkGqaQQOvglPFL2BWrrm__AfGSSXtqIlOyH70SO15-_7hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=4616080017104061000&adk=2975593758&idt=546&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:52:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0642 41 KB
13 KB 168ms
167ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsAFkv1fMZwho3Sk_tnQKTbBKhge7Bo5VNif5ELegIWSSWeuvhP3PHlTKFbfZAxa7AaJn4eyBjf55M4qfRlCYNF86abS_jqf2rnImOHyKSmIptQxPMluM3KSPqrRkvxvo9hcXlnb95Mj4CEZmsVxOPUNTbKwjuY_yv9I0x_PqrGUzuoV8&cry=1&dbm_d=AKAmf-DGu9yh_mPYWq8bTnc0UAILXCaDQgbx86YlSLUYVODBh7ayCL79XVRrD5w5MXjQy06X0-hYqMSDrNwi9OY8fZ1MMX2FIHYLjo4_F5Whnr03LvYOB2rXOAWXbcPZ1Ip1LGhhuJOoWqw75KQ92bmhrgJKUxKesddoPX-aNM7Z-88iKtx9q3suRgNddiGnxLnzH4UIEjkZUopasxCMNw_G4k6IWcEobm2NXDxgmgBxbbr_aHPOVLLENGK4PFsErtOW5qPJJlRgvDAVw15oP6iPnGWk2up31l7V_S_dxCfcUIdRzkebd7tr7xYt1KUh56U9aJggQoSF1muzNK8yZm9MfAqfNXlCvhu4asX18tA-1vkO7KMaOQtoa6c8yHrpkNexGePNUOdXsiWyDommwb_HF8SalzxWBKANAgf6Ubv6xSaIIfdRfhLtDMsrODX3ke42yvg7HCWD71r1t3iOOIO7gNNMeTSEn32zw8SQ4mpcV_DptRkRlK8hBxehLFSmdNEtt7KJKdVpVt-26_hfRnU3GMhXe4xAHQjMRu-qy6TE5GiQrM1w-q3C0psKmmSORTnZU5qCtn5ZWwF2fNfgk-1nlO9I_bXIxeRTU4b7IXIoAgDIveCsEuXxK4TdTxdLTYbrxwm_vT60MZyVLpfKfaj_ij4U3RX7lJYMACeZUugdAw7out5O5nxJ_kxR5zvuBM4h84VLW6quIruDd0pQmJ2XwJnXjsrusPBXbSJ7DkfH2fepPeso5RA_OGIT0TsmYKNHySLMpNjAUOxnxo15xUXycA4RdZ_na5dco7v6KfyOILEl-GaP47fCFwnrq-6xQRrsqE6YJu1l7fF4IzO9VsPBdye5jQA472NhpF3wBsItM5wp038LMZ3Sag_ksTz5_eGKI_mdYxrQDYb6aHt-xKxKfzRdUaMXzn0Mr95rbHwIkGwVUSAAEv6pqe-ZALpqLK5UJnET5jnNqFskBY_xIdYvTOq-5oIj5TrD9QeUt6pFS5IKksMFToGNiXGoRVhN22F20uBCjFnwkF_XU7_AZHtRmZbt6D1vU4U-IYSzWP74tNhoEiA15_S013vKhvF0lJTnuUgSVHbiAL7y7hW5HLZtqX0Er-8M2QDpl8S_r_vfCNYJ_JyC0pKbwdCFie7F6hfzMFb5rc3ojOSJ8vKr9jwetW_sqB5Q4orwTkEvuKobD9zaWun4ukh4YjGcrnuMK2NsfRaCZQL1LvVtRorC4OErmTQ5ZALBCx_8M4wwU-UmAFjBEus8HtaLWILtJidRwABelXvkD_kx773HCoIqn29hDOWBUMtrsF5x6DbVkJ-JcFddwUS9fiDaxkU520f9mwK7A1PFd4ZEMTnReLjkD3UNMBX7gYKRNP7HAezDfp3wNEegu4ow12GuZ6kqVOcdV-bfWv_QVO6h2mz5r3G8NGC7Bg9bhsvVDJptZJRFvfxUNlckIR952dF8OMm1k_lMnL5xeIBTEkFeTxcV0YULx0yXiZqTMnv5LwO5KMmfC5VWlxHN51hSrx9bL89aWi34KqbxSyfcOH-SoaqNNRov-Jdh6bFwwLtNan8vaGrrf0nib7XBuEvzPDDH0K12kmg0nO-McuYYhQN1PEmmc4-N6buMbIgEJFnLjNikau9C2EJShqhfjB3orJr6AC6T02tFBwvfUG3dqjYf6E8c02_kPjRCMtVR1W2xWIOd9EBTd9KWJMw9u38qBZYqX-oEZi8dd74qM62FQjwy3FLJ_lOcIqi2USjEj0TK3yALRkwXglmvGczMQ4ETN9RPrM-bfJ5kIxD4z6dna8S_yJwHFQzPMkeeHRps0G-bVYSZDW3cmDvXjB7bkxe_X-uv_tC6kxHdfbYCXU4A99h_g9AUsK6SEWJhkCJbMczVdB_Bacjhdj-RD3Q1_tYu0p6rREfBLnn9p2SLtIXzXGkeDfbLO58VXrvD89HrgL2TfWzJK1U7PRdSDLAYR0DR6l1DkK0ep_0xLKXCkLhOB67IF_2AQFyBpr7ivtBcOSSLmAfTQ0LOqrUE_dlHWyU-C6Et9j3iwPSUCMqjWWwpi6ipReoJFY4gyPZAWEANDg_ibqaW2cMjr5mPCFyqWsLtwQBgs_r9tvXISEE_3DjIvfzFu5_pvZreccYj7MSsaGVNH2nuuF2CGnBKwX3nYQ7MGXZxGhCIc5w2wtTkoV-w0teQGAW_vGd0cH5r-nd8RJHdN2YiK8ouGpk-sLYWFe8QNpQacJfyMiuBDwAKSpobjAvTx3fnDNGxEICMeefLOq2M4G1Zv1lUjrBb-gkDvEwbULH6NNklsZHEKPCD33UdslpZ1x1sass95B4AdDFpIIn6TCZ6373gaOllAWYw7a9ei3RyePsxymztzB7WtX3OuJQAvD7mXhmpPA5AdKMLE6WlZIYuw7ZcBm5-vXNiARFANoeg9opdZhESNQRNPpXViuHFyd7sDRPR5F4MS7uFnmYMD9iMxEvUTqTfPEhYrBacuewZpM_Gslfije9ljr5s-UaOqZ4hqbZql3MStT007DnNX0QSMF21wdAA0JNDLki8PZS92MQpzRP9k3_nYN-rLoJxFgKSmpPp7NkqMFK_JO9tIzsg5Qcxf9GCib-gacEcvk-cr1xeCfZ-vcQxniaLxeeBcVo4_qMeVJW7SQqa9r-zHQJRdvIh-DHTZmhZFv5SU9as-h7ny58y1ODWbXwJmGomxs2oZXcvPm5EvYqSMIJakP7MugNrq9p8g6XLluR15Wc1UMkZJL2ZDaT-1eBbaUUjMheu1I8GUNdLr-s7wGGdPW1Qfh0fwQKZ_ReeOKesr5BQIyMg3Bs4buUtZt-7u5a1DvionBsjTpne5-EEM2fRvPhlWmjCXIJ2lu2cg5rWIV53wZ3rUwt3HUwsn_eKTHqM3EoPEMO2gOY5KiwbybMyi3_PMuhYnUczd5sTweax3idtVbswr40VqNuyWNdHhRFv_T_uOP2KooozSNyeXOo2jEYFy7LZ80QU-e8XLyIrMl3qxkmddN8Zi1b6QgKiy8h0L6QgIMh3RQ_7R5EnqTcddiSHHom64_T7dIJ1vt42XSlz1ZXcm3R8KD7yRuDC60p-yRDFd4cxy6ph3OTkSTax9XrR4iRBMClp5GzimVkv-stC1-kn2c0rACxYp4sWRI_p7FCxwWbxWcYxcEDRabmWRBPv-AZvZsE6b5LjWHxzgzeb1S6EQUt20Ca59FC49a_WyLGEo1oGvTL-gLgmdkGoVXululfXtoiAVtfDaEWSooUyex3JiH4LLXkXvZn-TZaF8-vtGo6t39uDCO5ApWGmfNs54zJG18Qe8bMriTmNUruH4HML5TCkF7nuYqgD011uCCvsf44OvRLPLjbdAdyiSb9BVsNwIG3KSosFbuiFQEo_60tbr2VwZPcijDFl6aEQrnhx8oLY8hbaDPWnvGa3fX-UjFU6-IHD9nQ5AYU9gcfBKmpeAgvxymWxDGFC_0Y1dJ0x7kmfbKJOCWc041fFnrGIoTVz6o1NBKTm4WHxgUm2A4EuvlYxxx-8OjVanbZrRmh0QkVhgD0YrCVOURRG983ukerCks1JB_JnAXA6-rwviHVmxgB04elCVxpMLI7qhROokw9xvx_auBzVHdQaatWjPhfogKfrlWGLbr1ZjczHOIDV_3kufHjBctAzsP1iztFgk0QdG3vRh5fGcjM8E0GNWyzvK0h586_SfVZfdcdrBpjBIGU-mbQjEa8-4eXhpCQww7fxe0YUlaxo27aS8lgAN6YCRiUvNizYm3ggu9uvFKG9P_1qsCr--wEyi_jegIi4-cLB9qx4dINuEZ6oJuVL6w9VuoGkTVvLe_rajyH89eLl8ZQfPM-h0BPBKlhdVb8RXYEWfh9HQCGrY8H13HYv8Fc-n01UK8KepZ_1zhT4q9v9wmVilZsRmB93O8fm9pEJgNMMTadgBePUTKb7u0mxcWZm5sKMDpojtopljg1FlZvDPQqx341klA07Fo4w6cQ9B6AGoCj4UI7RnHRqhiiHe66KXhoSgn13uOYQ3Lhl8ddzSUbfSKX9olCpk052vBMW0RkIkTI-5UG3d7whaQAGnTg0GWOGq-tpT3CQxV3ztYWoHXSlwG_hcCj6WxxsGeq3c5xHPEmPrecpFNPiE4DuEdb2OO0qm9b0oWJ1nwrc-ir1GXjsS9VORmZKMqI-VAz1bIXV-LsxIOpTxVkYpmYTffuhyeQZDcZIKlKrefVDr7c8Fhd3AmWI1cGNwG256HmAC37fmudJlDyU7d7OdmA1ZUtIzMjCdVziLKQXc3Rh9qbpGFO2EeQwb3HKU8o7&cid=CAQSTgBygQiDsHxQLQvw4GugA-9FUZrLnPzpimeUKI6a7qdfzx2LeSXgfko2yCrSYZVzYoqtU1XZuPXs4EKP5vMgw27k87zdWFjKGAQX3R5IOBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=303992262618112260&adk=531095043&idt=551&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:52:35 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 1174ms
197ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 1179ms
203ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:27 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
121 B 124ms
122ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-sof1510021-SOF
date: Wed, 28 Jun 2023 05:03:26 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.sanook.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0E5 0
0 169ms
168ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV3WBjI34_WSA1k3wiuIG7mi5emQYfseuMJvvEUkMXUVyAXnx1DIjRAkHHe6U0yOltsSTp3EJQ-WJ2cXIW5VV3WgzgCimqjPcxxRjMBIijmctAMEwEzXimGALMeZ4WrLU15PcCZlLG_oRX32zIxK34ahOY60V8R9Ys4G_2mH9P6Y5_-XScZPJdev8_Mw3xwOoH8ibLpZSqCJVm63cy2-IhhAArH5S0o9Z3KZsuPj5UxUYr6_paMmHZBJZjsVTuj0ZiQaFcq2csb8w6ZsFmtv0wXSdX17oqSjNt0kdlbBf4doMjw6MdCSphKVPQ1NYFZj-WIX81GF6Db4ivRvBy&sai=AMfl-YS1LzWqW_vSwbYfVPFLaJWHwdST5270GyB49c0qGec90z32XmP2Z3fJigm_98BoNBA-qEZg3xglD1KXkYme-H1JFqk_hWvEHdrfCbCnPExPZK1YGAymSECWQ4ib5vk&sig=Cg0ArKJSzLHBZ4Z_TbsjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 05:03:26 GMT

GET
H2 200 html5.js Show response
dsp.adviad.com/v1/ Frame 7A4B 14 KB
4 KB 271ms
139ms Script
application/javascript 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.28
Requested by: Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3794
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjU5sCmclTk9Kr%2Bt72Od4dBUV%2FiQ3%2FmLCqwF7yfwQLZ69doPui9d6vHhs1fYkAsrYAKps0ncI2v5ZdK8gxeRfIL%2BQPxFrkCxm3o4JmsNnVMZ%2B0VdihtEdf%2F%2BG1CELpQhRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7de3621e6e792bcf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5DFA 1 KB
643 B 132ms
131ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 50344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 15:04:22 GMT
etag: 48472445140208031
expires: Wed, 28 Jun 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7A4B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 802e46397eb62312956c4d3774d57e7a6ce4d6327d5bba368b785446aa8135c4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html5.js Show response
dsp.adviad.com/v1/ Frame 0642 14 KB
4 KB 251ms
145ms Script
application/javascript 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.28
Requested by: Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 14:11:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3794
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvbbQ2AbgiMV75XWlUm6pM%2FhQPiBhslHtDiPFKztCd5D3zZCvBTBAQjNMdW9mh1vM%2FMx6Lwxfx0Ga0PlZp5xXBFHyUtGuwbNV1Ml6Y%2Flof2rk83O8ORZYuMShfQibLHYpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7de3621e6e7a2bcf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2B21 1 KB
643 B 132ms
132ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 50344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 15:04:22 GMT
etag: 48472445140208031
expires: Wed, 28 Jun 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0642 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86c7f6fa0f971de2762b826418bc12223047820b2d27d34d066c96084079914f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame FC80
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy=1---
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=54fe82f7-829a-48e9-86d9-b0203c7762b3&ssp=taboola&gdpr=0&us_privacy=1---
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

0
230 B

155ms
155ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82107

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=da905178-8959-4a60-8e7c-b68c63e97565&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
date: Wed, 28 Jun 2023 05:03:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FBEC 281 B
554 B 671ms
145ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 05:03:27 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

/ Show response
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 6961
Redirect Chain

https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed

0
230 B

150ms
150ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
date: Wed, 28 Jun 2023 05:03:27 GMT
server: nginx
x-fastly-to-nlb-rtt: 82112

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Wed, 28 Jun 2023 05:03:27 GMT
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ab1f2b77-c980-427a-97d6-d6b81afcceed
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 928ms
222ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&mbl=ZmFsc2U=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 05:03:27 GMT
cache-control: no-store
server: nginx

GET i.match
a.tribalfusion.com/ Frame 1B0D 0
0

GET google
fksnk.com/cs/ Frame 1B0D 0
0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1B0D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cchr4a_0rk5yiGPqAc9r8zvk5GwL4OA4biPfCw&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

152ms
152ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 116428
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B0D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKogAAFIoAAAAB&google_nid=index&google_push=ATf1kGMxD8xBH5Dw0iK3TBdaXUGZ7fGdqbMRT...

170 B
188 B

142ms
141ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKogAAFIoAAAAB&google_nid=index&google_push=ATf1kGMxD8xBH5Dw0iK3TBdaXUGZ7fGdqbMRTmCyOHNfEX8JYsL255icEKQx9TW_BYebBlUAFV825mB3avGFAnMXtjdgFfGCef4

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKogAAFIoAAAAB&google_nid=index&google_push=ATf1kGMxD8xBH5Dw0iK3TBdaXUGZ7fGdqbMRTmCyOHNfEX8JYsL255icEKQx9TW_BYebBlUAFV825mB3avGFAnMXtjdgFfGCef4
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B0D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBPJuZzO3UKncI_IFmY2_G4&google_cver=1&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJu...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBPJuZzO3UKncI_IFmY2_G4&google_cver=1&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJu...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJuoFSLtCOV80&google_hm=G47vKGZHoca7oem-QF2XJZ-F

170 B
188 B

141ms
139ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJuoFSLtCOV80&google_hm=G47vKGZHoca7oem-QF2XJZ-F

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 28 Jun 2023 05:03:28 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPkxe6mGyIGsGKpjQbf_sh6QofDCnIqyCisFCOy5wyFGrlbt6o1oddgGUBpH9gzIrBU-3-ScYQJX_PnL7mJuoFSLtCOV80&google_hm=G47vKGZHoca7oem-QF2XJZ-F
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B0D
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEFVyuJY76B3goxKtlc6lO-w&google_cver=1&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c9eaRG2HIFb_vMBPmNDz_fi5ONP2kEcm0Tp00OBseQ&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_...
https://cm.g.doubleclick.net/pixel?google_hm=tfx-S_-2ieF2h5YqGTcM&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul&google_nid=inmobi_...

170 B
188 B

140ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=tfx-S_-2ieF2h5YqGTcM&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul&google_nid=inmobi_new_eb

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_hm=tfx-S_-2ieF2h5YqGTcM&google_push=ATf1kGP-s_-AFfjSHulEeHiLLmbiZZyFLNApjak2SGY8aAQ9of0XTg7Wf0Xit-0BiuIuWU4qotb_vi3vTiZ1AsLv5Xx_GfILRAul&google_nid=inmobi_new_eb
x-download-options: noopen
vary: Accept
content-length: 225
x-xss-protection: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 1B0D
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJeq6EEtL6dN...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTE1YzBlZTctNjU4MC00Mzk5LTlmN2YtZTM2NDBiZWYwMmU0&google_push=ATf1kGN1LylHjwKWDiYwcj-7qjAJtJlW-lfMKzumrWsYo2PlW0DLcFcKomyT9duOo5Mvy...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

167ms
167ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 05:03:29 GMT
pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1B0D 0
12 B 139ms
138ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyK6thYROx29ISplHujKIKVb3ixK0aFxR3UGsesTEP4OG33gRY_AhosURYtxpLU1aon4c_WcM

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD09 13 KB
5 KB 131ms
130ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 69899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 09:38:27 GMT
expires: Wed, 26 Jun 2024 09:38:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 104F 783 B
0 143ms
143ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w_YnmtiTgU5QrknTOGYJ1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-w_YnmtiTgU5QrknTOGYJ1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 05:03:26 GMT
expires: Wed, 28 Jun 2023 05:03:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 608B 22 KB
8 KB 131ms
131ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 54345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:57:41 GMT
expires: Wed, 26 Jun 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET google
fksnk.com/cs/ Frame CFDC 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFDC
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMHJYT-1yHYj3jWg-G5TtFs&google_cver=1&google_push=ATf1kGPWuTINlczGAvOSADTAvte2E5cSXqAy-vojQ5t2LcYpVE40fa5e0XoHzoguTabvGsVKQviv2AFBpDO892gJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uhq26dEVRQmQHYaVag6XZQ2&google_push=ATf1kGPWuTINlczGAvOSADTAvte2E5cSXqAy-vojQ5t2LcYpVE40fa5e0XoHzoguTabvGsVKQviv2AFBpDO892gJspk4vORH8-8

170 B
188 B

141ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uhq26dEVRQmQHYaVag6XZQ2&google_push=ATf1kGPWuTINlczGAvOSADTAvte2E5cSXqAy-vojQ5t2LcYpVE40fa5e0XoHzoguTabvGsVKQviv2AFBpDO892gJspk4vORH8-8

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Jun 2023 05:03:30 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Uhq26dEVRQmQHYaVag6XZQ2&google_push=ATf1kGPWuTINlczGAvOSADTAvte2E5cSXqAy-vojQ5t2LcYpVE40fa5e0XoHzoguTabvGsVKQviv2AFBpDO892gJspk4vORH8-8
x-host: tde-deliveryengine-production-7c97bc8457-rvnlw
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET gcm
a.c.appier.net/ Frame CFDC 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFDC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENs9Kx_VOLKWta7v-Eprn98&google_cver=1&google_push=ATf1kGNWBoJH9L3rLb-IQ1ts0WDrnhTXOQXIRBOAd6w3D2p1ZGokmc-2IRsFFZCLgtuw3wN9AAp9SUCvgR_kff3KDPCAbes--frH
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGNWBoJH9L3rLb-IQ1ts0WDrnhTXOQXIRBOAd6w3D2p1ZGokmc-2IRsFFZCLgtuw3wN9AAp9SUCvgR_kff3KDPCAbes--frH&google_hm=83NCaIoHygMDDJuJaJhQ4w==

170 B
188 B

140ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGNWBoJH9L3rLb-IQ1ts0WDrnhTXOQXIRBOAd6w3D2p1ZGokmc-2IRsFFZCLgtuw3wN9AAp9SUCvgR_kff3KDPCAbes--frH&google_hm=83NCaIoHygMDDJuJaJhQ4w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGNWBoJH9L3rLb-IQ1ts0WDrnhTXOQXIRBOAd6w3D2p1ZGokmc-2IRsFFZCLgtuw3wN9AAp9SUCvgR_kff3KDPCAbes--frH&google_hm=83NCaIoHygMDDJuJaJhQ4w==
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFDC
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECHM-OGmB7h8dfNyGRdX0P4&google_cver=1&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2CJ39JL9...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECHM-OGmB7h8dfNyGRdX0P4&google_cver=1&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2C...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0haToNo0TNmBjJ0D2W0ofg&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2...

170 B
188 B

143ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0haToNo0TNmBjJ0D2W0ofg&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2CJ39JL9SYua8B

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=0haToNo0TNmBjJ0D2W0ofg&google_push=ATf1kGN2kiaoWUwwILW1DHEQprIW4iIxHktZqGF6U1B3XXCHDmjVcZ2KnMlDuaHCopKlpoGf5QEt9WySbg67kt2CJ39JL9SYua8B
access-control-allow-origin: *
date: Wed, 28 Jun 2023 05:03:30 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFDC
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEF9KdXJpojQbNJ3ZXZWaxXI&google_cver=1&google_push=ATf1kGPrRz8m6CmnbpdA4MKahqNx__TzCS5tixudjux-hXXp1BmBIgARKzUVYvsw-8GgXAtFegT2oMZqHTAxBIjDRZnf4lgCQM7i
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&mn_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPrRz8m6CmnbpdA4MKahqNx__T...

170 B
188 B

141ms
141ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&mn_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPrRz8m6CmnbpdA4MKahqNx__TzCS5tixudjux-hXXp1BmBIgARKzUVYvsw-8GgXAtFegT2oMZqHTAxBIjDRZnf4lgCQM7i&gdpr=&gdpr_consent=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:34 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&mn_hm=MzMwOTMwMjE0NDI2NzcwNzAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPrRz8m6CmnbpdA4MKahqNx__TzCS5tixudjux-hXXp1BmBIgARKzUVYvsw-8GgXAtFegT2oMZqHTAxBIjDRZnf4lgCQM7i&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 28 Jun 2023 05:03:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFDC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA3LWyN0lS8qRh7EnQYOwe4&google_cver=1&google_push=ATf1kGMxBos3PJQfQoEHR8HcPm3apThog8hb5TGnVo7IfpwnbvtjKYxnnZI6AeqxgtMfTXa8jf...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uYXZrRFUxRTJ1SEZWNkJFZkF6S1RUUU9WUl9wYXdSTH5B&google_push=ATf1kGMxBos3PJQfQoEHR8HcPm3apThog8hb5TGnVo7IfpwnbvtjKYxnn...

170 B
188 B

141ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uYXZrRFUxRTJ1SEZWNkJFZkF6S1RUUU9WUl9wYXdSTH5B&google_push=ATf1kGMxBos3PJQfQoEHR8HcPm3apThog8hb5TGnVo7IfpwnbvtjKYxnnZI6AeqxgtMfTXa8jfdCQ89xkIneMVjG60N2wewfHtZXkA

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uYXZrRFUxRTJ1SEZWNkJFZkF6S1RUUU9WUl9wYXdSTH5B&google_push=ATf1kGMxBos3PJQfQoEHR8HcPm3apThog8hb5TGnVo7IfpwnbvtjKYxnnZI6AeqxgtMfTXa8jfdCQ89xkIneMVjG60N2wewfHtZXkA
date: Wed, 28 Jun 2023 05:03:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CFDC 0
12 B 147ms
146ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBhxEMtaS09WnAmFxlsD4If9aSS1UZ7MakVUyM1rmiOvRiNSfGd9ZrISyY6fk3xiZBST-0vA

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 68B4 22 KB
8 KB 139ms
137ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 54345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:57:41 GMT
expires: Wed, 26 Jun 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 348D 22 KB
8 KB 149ms
149ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 54345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:57:41 GMT
expires: Wed, 26 Jun 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET i.match
a.tribalfusion.com/ Frame 5DFA 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DFA
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEWZhh8e_r67qEhNOzyiQtc&google_cver=1&google_push=ATf1kGMyNtCLAs7X5Rq-Avyjhn9652xZYEdy7dB-UHkMjKq5ZqdTsJs39jKr-WQySNYi1wzCvZv2feeiuILp6aLF9M...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWZhNDRhMjgtYmUzMi00ODg0LWI3ZTItMmU4NDYwOWNlZTNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=afa44a28-be32-4884-b7e2-2e84609cee3b

170 B
188 B

140ms
139ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWZhNDRhMjgtYmUzMi00ODg0LWI3ZTItMmU4NDYwOWNlZTNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=afa44a28-be32-4884-b7e2-2e84609cee3b

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWZhNDRhMjgtYmUzMi00ODg0LWI3ZTItMmU4NDYwOWNlZTNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=afa44a28-be32-4884-b7e2-2e84609cee3b
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DFA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENs9Kx_VOLKWta7v-Eprn98&google_cver=1&google_push=ATf1kGMZsyFf7orKw5OwvVNV8syANHvQxrwwGH3XcfD1219_XSlVzojIsPveT73ZN9zcpjNt9qNsyomT-jXx-wZkPHSEruqhNvU
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGMZsyFf7orKw5OwvVNV8syANHvQxrwwGH3XcfD1219_XSlVzojIsPveT73ZN9zcpjNt9qNsyomT-jXx-wZkPHSEruqhNvU&google_hm=83NCaIoHygMDDJuJaJhQ4w==

170 B
188 B

141ms
141ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGMZsyFf7orKw5OwvVNV8syANHvQxrwwGH3XcfD1219_XSlVzojIsPveT73ZN9zcpjNt9qNsyomT-jXx-wZkPHSEruqhNvU&google_hm=83NCaIoHygMDDJuJaJhQ4w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGMZsyFf7orKw5OwvVNV8syANHvQxrwwGH3XcfD1219_XSlVzojIsPveT73ZN9zcpjNt9qNsyomT-jXx-wZkPHSEruqhNvU&google_hm=83NCaIoHygMDDJuJaJhQ4w==
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DFA
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEETeUTUOg5zAFOYBwv7F5TA&google_cver=1&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEETeUTUOg5zAFOYBwv7F5TA&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d8FmYI7DsNzvn6A&google_hm=M3k5X0IzYU1jNGlhdnJrb...

170 B
188 B

182ms
182ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d8FmYI7DsNzvn6A&google_hm=M3k5X0IzYU1jNGlhdnJrbm9fYzc=

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:28 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGMIQylbf34xYxmb738KsJ2Y4IdrtY75IXPdWoTHVywx1OPuu9zcs-nh6ATrmoSZC-n8M41mx5dA5di4d8FmYI7DsNzvn6A&google_hm=M3k5X0IzYU1jNGlhdnJrbm9fYzc=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DFA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

143ms
143ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPBD02FzotrWpkhSsvao3iN5xJjs5IPim-OSRxMzrxfuwg5xRrCDHb-a4K728qW9zn8pligpfLlj5nj9SkRht-jqoiQLN4

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPBD02FzotrWpkhSsvao3iN5xJjs5IPim-OSRxMzrxfuwg5xRrCDHb-a4K728qW9zn8pligpfLlj5nj9SkRht-jqoiQLN4
date: Wed, 28 Jun 2023 05:03:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DFA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPij_7ps0vEWwEWFMPWvTCA&google_cver=1&google_push=ATf1kGMnXOHI_qbqIZL0UEZvqxlTj3BhJjZaOjUmkHlTIIIirwd8Ry_nhwSWu4jVW7wDlvn_C9_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=ATf1kGMnXOHI_qbqIZL0UEZvqxlTj3BhJjZaOjUmkHlTIIIirwd8Ry_nhwSWu4jVW7wDlvn_C9_BQyiWiT92f_MXNX1IyNwGuoQ

170 B
188 B

140ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=ATf1kGMnXOHI_qbqIZL0UEZvqxlTj3BhJjZaOjUmkHlTIIIirwd8Ry_nhwSWu4jVW7wDlvn_C9_BQyiWiT92f_MXNX1IyNwGuoQ

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=ATf1kGMnXOHI_qbqIZL0UEZvqxlTj3BhJjZaOjUmkHlTIIIirwd8Ry_nhwSWu4jVW7wDlvn_C9_BQyiWiT92f_MXNX1IyNwGuoQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5DFA
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH2qkCMRF7BASqbua03ble8&google_cver=1&google_push=ATf1kGOSjDK7TrLd2fl7vWzUT_N20Ir2jv7IF3qLa-4T3kyCAadpA3mB4cwC02Kx-di4j_jqfXsj6QGaZd_fWZtB...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe54e09d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOSjDK7TrLd2fl7vWzUT_N20Ir2jv7IF3qLa-4T3kyC...

170 B
188 B

140ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe54e09d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOSjDK7TrLd2fl7vWzUT_N20Ir2jv7IF3qLa-4T3kyCAadpA3mB4cwC02Kx-di4j_jqfXsj6QGaZd_fWZtBIsq3kK6OoA

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Jun 2023 05:03:34 GMT
via: 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe54e09d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOSjDK7TrLd2fl7vWzUT_N20Ir2jv7IF3qLa-4T3kyCAadpA3mB4cwC02Kx-di4j_jqfXsj6QGaZd_fWZtBIsq3kK6OoA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: MDdgUpfUxfKxlcxaFPul3N5u9BTaR3Ul5WUuAh_R7NA2UfYkvn3j5w==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5DFA 0
12 B 147ms
138ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmV2jUq6dl8ZUqfW7uzyvX7GQ2K94CiHMqNGRQdSv1Kh1H7Mj6pVvMIVsv8W0oxw97IuPB

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B21
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH5fTVsKzEGfyazRfbKwB_Y&google_cver=1&google_push=ATf1kGOfKqNMDcIRtJLbywd3Ch3Vo9myUv4CEdDMqmNt46O7I9dEr2XEOLCP_mZFWHgcAF75rcNZUZDh98Ip-C2ToBIY...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOfKqNMDcIRtJLbywd3Ch3Vo9myUv4CEdDMqmNt46O7I9dEr2XEOLCP_mZFWHgcAF75rcNZUZDh98Ip-C2ToBIYzVIxXHi8&google_hm=2pBReIlZSmCOfLaMY-l1ZQ==

170 B
188 B

142ms
142ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOfKqNMDcIRtJLbywd3Ch3Vo9myUv4CEdDMqmNt46O7I9dEr2XEOLCP_mZFWHgcAF75rcNZUZDh98Ip-C2ToBIYzVIxXHi8&google_hm=2pBReIlZSmCOfLaMY-l1ZQ==

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOfKqNMDcIRtJLbywd3Ch3Vo9myUv4CEdDMqmNt46O7I9dEr2XEOLCP_mZFWHgcAF75rcNZUZDh98Ip-C2ToBIYzVIxXHi8&google_hm=2pBReIlZSmCOfLaMY-l1ZQ==
date: Wed, 28 Jun 2023 05:03:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2B21
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cchr4a_0rk5yiGPqAc9r8zvk5GwL4OA4biPfCw&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

147ms
147ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 123723
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B21
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAmyonzz7eUJ0I7v-uTlRyE&google_cver=1&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dErktY9i...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAmyonzz7eUJ0I7v-uTlRyE&google_cver=1&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dEr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3NzI4NDMzODgyNTA4MjgzMw&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dErktY...

170 B
188 B

140ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3NzI4NDMzODgyNTA4MjgzMw&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dErktY9iZrAYjtQfERJaEcUNmu4

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3NzI4NDMzODgyNTA4MjgzMw&google_push=ATf1kGPzW1aIpwdzrLTkP56ptZByufTEkTL2MtcXkD70TDxBzZK6YZjinrjJo0b9lyTsY831dErktY9iZrAYjtQfERJaEcUNmu4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B21
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

142ms
141ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMHxZwuZJG6-LK3WmGjTfRLOFEJjWcOEAT7Smsw0BMZaKkYUZa07xt2McLqaDUQHRmALoWI-Jhfh5g0Hu6Mg-zAtCkEapB5

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QlBrtUaZQkiNweXBWkin6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMHxZwuZJG6-LK3WmGjTfRLOFEJjWcOEAT7Smsw0BMZaKkYUZa07xt2McLqaDUQHRmALoWI-Jhfh5g0Hu6Mg-zAtCkEapB5
date: Wed, 28 Jun 2023 05:03:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B21
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKowAAFIoAAAIB&google_nid=index&google_push=ATf1kGMUlyj1tAfslcJa30ZUz3DLKSqzlGSbd...

170 B
188 B

141ms
140ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKowAAFIoAAAIB&google_nid=index&google_push=ATf1kGMUlyj1tAfslcJa30ZUz3DLKSqzlGSbdqHlXPwNC7GQqpoJv_OzdB58UD3IQpNppLjP8eOY7q0sA1I_m_ZJccAX7j540kT2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-Wvz70I8Y0JaBzvdTX2DY&google_hm=ZJu_HshRkwND67zR-rCKowAAFIoAAAIB&google_nid=index&google_push=ATf1kGMUlyj1tAfslcJa30ZUz3DLKSqzlGSbdqHlXPwNC7GQqpoJv_OzdB58UD3IQpNppLjP8eOY7q0sA1I_m_ZJccAX7j540kT2
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B21
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKLsNc9JukXBPQp3gleGcfc&google_cver=1&google_push=ATf1kGNuikBSKCZZVW9uehL4Nsh62P-m-3pzdN7Slpv-W-L8WJ3IJ_3F9LOx6irjOHo8QIcQrjykIf...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGNuikBSKCZZVW9uehL4Nsh62P-m-3pzdN7Slpv-W-L8WJ3IJ_3F9LOx6irjOHo8QIcQrjykIfo4JUXX0ZX9ZX23pqkJZfo&google_hm=NDg1MTk3MDU...

170 B
188 B

174ms
174ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGNuikBSKCZZVW9uehL4Nsh62P-m-3pzdN7Slpv-W-L8WJ3IJ_3F9LOx6irjOHo8QIcQrjykIfo4JUXX0ZX9ZX23pqkJZfo&google_hm=NDg1MTk3MDUxOTc3NzM3NDE4Nw%3D%3D

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGNuikBSKCZZVW9uehL4Nsh62P-m-3pzdN7Slpv-W-L8WJ3IJ_3F9LOx6irjOHo8QIcQrjykIfo4JUXX0ZX9ZX23pqkJZfo&google_hm=NDg1MTk3MDUxOTc3NzM3NDE4Nw%3D%3D
date: Wed, 28 Jun 2023 05:03:26 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B21
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEFVyuJY76B3goxKtlc6lO-w&google_cver=1&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5f...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-aafebufalghcuT5kWcNiCzLwjK8N9c83vzcs-uCDSw&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-...
https://cm.g.doubleclick.net/pixel?google_hm=GLZkNWykUmBBtjzWoHXD&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f&google_nid=inmobi_...

170 B
188 B

144ms
143ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=GLZkNWykUmBBtjzWoHXD&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f&google_nid=inmobi_new_eb

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_hm=GLZkNWykUmBBtjzWoHXD&google_push=ATf1kGNHJqqF9nO9HCcwIjR4rdk0ccy4uirVPtJdeTHEIm5fHtRNT8Qo5m78ceGLCAbMYaNLhxhJFQ3YuDZqsgh_fVd-ovId-Z9f&google_nid=inmobi_new_eb
x-download-options: noopen
vary: Accept
content-length: 225
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2B21 0
12 B 146ms
138ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeehcULozkwwTpkc_rxABA-QDVZI_zqKVZw7WRtWbNzpQsqEd-M2npcfGA18YaJ8Mjka7F9w

Requested by

Host: 7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
URL: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 84 KB
20 KB 152ms
142ms Document
text/html 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/

Requested by

Host: dsp.adviad.com
URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74b02f64bf100884aaa1d74667fed86903494b62ce149e8ac3b29cdb20a24184

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 233859
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=304800
cf-cache-status: HIT
cf-ray: 7de3621f6f332bcf-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 Jun 2023 05:03:26 GMT
last-modified: Sat, 24 Jun 2023 12:15:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXlIzsavUYPwyiOQzVVzFj8aqemm698K9o7Kly8IGYz%2BL27U9o8s%2BJghwrVBd6X3QEA%2Bs6R%2FD%2BA7Ki4kU62WGh%2FOxLxZMteLxzu9TqH4tvaRfl9o1O4qavCmwo%2BCq0rZDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 / Show response
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 84 KB
20 KB 173ms
170ms Document
text/html 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Requested by

Host: dsp.adviad.com
URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d80e664e546141cb614f2a3c70ed734157998b06c5aa35c7766fbfabea96b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 233832
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=304800
cf-cache-status: HIT
cf-ray: 7de3621f6f322bcf-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 Jun 2023 05:03:26 GMT
last-modified: Sat, 24 Jun 2023 14:11:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkykgct7r%2FpeFhzunV1bak%2B3pTQNuePgWFXEc5lBX4zxxKlGOvG5GsZJZ8Sr9Or3s2ddHt0Alr3A56LaHlUYVBhs9%2BmV6oPUy21TfsrxJhOfiEKJoNA46oKMj4xmi2fSUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 / Show response
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 84 KB
20 KB 188ms
187ms Document
text/html 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Requested by

Host: dsp.adviad.com
URL: https://dsp.adviad.com/v1/html5.js?v=2023.06.28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d80e664e546141cb614f2a3c70ed734157998b06c5aa35c7766fbfabea96b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 233832
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=304800
cf-cache-status: HIT
cf-ray: 7de3621f9f652bcf-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 Jun 2023 05:03:26 GMT
last-modified: Sat, 24 Jun 2023 14:11:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2zWDH%2F36Y%2BC26LOI8y6hTaonVBJ6wThMIW%2BRi8mXvmeBg93qIedh43N46PG8wqRvMhb6EkpdphZ3A5A19y8n1YbJHv0ueZiY9emtx%2F4stsNHqbV2KumertOc%2BmzVnF5dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

POST
H/1.1 200 617.json Show response
id5-sync.com/g/v2/ 598 B
1 KB 2382ms
132ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/617.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

4df807f913ad793ba717713bb65f51aa8eb93f88d4df87c1a763ef62205be0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame D0C5 139 KB
48 KB 1719ms
197ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 05:08:03 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame F8C5 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame C0E5 0
0

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 451ms
136ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15283"
vary: Accept-Encoding
x-hw: 1687928609.dop228.ve1.t,1687928609.cds239.ve1.hn,1687928609.cds220.ve1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET check
rtbdemand.apiip.net/api/ 0
0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 3549ms
225ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:58:16 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 18:14:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 317
etag: W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: RBdE6qwk3gRReQXf01B5LchDPzob0H36zrzXnUKqAhAfIhXwVNEzlg==

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame FA05 139 KB
48 KB 1748ms
290ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 05:08:03 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 109D 139 KB
48 KB 1755ms
344ms Script
text/javascript 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Jun 2023 05:08:03 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 56F3 0
48 B 159ms
150ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 608B 38 KB
14 KB 133ms
131ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 06:29:06 GMT

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 68B4 38 KB
14 KB 148ms
145ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 06:29:06 GMT

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 348D 38 KB
14 KB 183ms
180ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 06:29:06 GMT

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 1440ms
132ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 1519
etag: W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3703

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FBEC 34 KB
10 KB 172ms
171ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbb7002392343b953914d18e2a7d8af24b5bf3da6bdaeffad52b10633ac1592f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 05:03:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jun 2023 07:33:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=8966
Connection: keep-alive
Content-Length: 10112
Expires: Wed, 28 Jun 2023 07:32:54 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6932 0
54 B 438ms
147ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljf93zpy&c=2183950661435&slotId=1091975330717.5&qqid=CJvj34aY5f8CFaWW_Qcdpw8D-Q&fb=outstream-lima&vast_v=3.0&vmfc=10&vhc=0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x15
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoice_logo_15x15_v2.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame 6932 360 B
832 B 1099ms
542ms Image
image/png 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15_v2.png?_=2.1.0.9
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-37.datapacket.com
Software: BunnyCDN-DE1-1080 /
Resource Hash: 04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Wed, 28 Jun 2023 05:03:29 GMT
cdn-edgestorageid: 755
cdn-cachedat: 06/16/2023 07:15:44
cdn-pullzone: 692289
content-length: 360
last-modified: Tue, 28 Feb 2023 09:21:44 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63fdc7a8-168"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 7b44857d19e126f7d4ffba8c7710971c
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Sat, 15 Jun 2024 07:15:44 GMT

GET
H3 200 get.ad Show response
fundingchoicesmessages.google.com/f/AGSKWxUpcHkDlb8YiXtPzgQI7yRSrbN8rAFx7z4K2AjZqzlgzYz26D-gOzYfrzv3y0g2P6MqvuKrDibot_kTydWWBGqJsC8_rNJArpmaQBztHaQBQSxrbvsYzBWcx1Nm3NEf6fZk2nHB2KxGj2jQJEN4RTqJwcM4c... 54 B
109 B 157ms
157ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUpcHkDlb8YiXtPzgQI7yRSrbN8rAFx7z4K2AjZqzlgzYz26D-gOzYfrzv3y0g2P6MqvuKrDibot_kTydWWBGqJsC8_rNJArpmaQBztHaQBQSxrbvsYzBWcx1Nm3NEf6fZk2nHB2KxGj2jQJEN4RTqJwcM4cjg53vfR16mWNCJEhMo0IPn7AE2coK1x/__adengine_/rail_ad_/sponsers.cgi/ad/superbanner./get.ad?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IcufQILESpc.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzkUJbcjmH2GjuAJfdqmg32pcxH-Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

0c15bfd08232823d9669b87651b41e086f88cdeb6638c952ee8216ef3bc58b0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sVceWqTP6GL4zls4FGr-ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-sVceWqTP6GL4zls4FGr-ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 51 KB
17 KB 147ms
146ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IcufQILESpc.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzkUJbcjmH2GjuAJfdqmg32pcxH-Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

13196d718f448e479eb932c6f6f8ec259f79474c272a67628027b1dc5127bd01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:51:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17543
x-xss-protection: 0
server: cafe
etag: 12274173466756436365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 05:51:03 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHCTrFmlrfmskY_zgtLgTT9Fp7d7ph-fGNX0qXkP25BxGhKNm7JxAxQHTyq_ziBchrj0qr8gn6dqQh8HfyUlXFnYxNO7FWoGrPfygRLSWkuxGLXQi1Igc6N35iU1kz0Zu5LQfEpw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bEbszcWzPQmbtI_28mTYKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-bEbszcWzPQmbtI_28mTYKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3FF2 3 KB
3 KB 149ms
148ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72925617&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1f45b3cb70dbd5ad242b7d9e086f8b44939740aff0f169067aeb7259e353b490

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 05:03:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3DB0 3 KB
3 KB 146ms
146ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40821358&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1f45b3cb70dbd5ad242b7d9e086f8b44939740aff0f169067aeb7259e353b490

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 05:03:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0D28 3 KB
3 KB 157ms
157ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8925562&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1f45b3cb70dbd5ad242b7d9e086f8b44939740aff0f169067aeb7259e353b490

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 05:03:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 35E6 0
0 179ms
176ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1DGggjEfeMVMI2p5b43y3IzavVlOaLwK8NFdiU_Xg4yVZCzPyNX_hTOTionpDKhkMTTqUUvkNVN-DXDDjAVqn_zpsPlnbGyy8NNv0ZABFj-7gBVMX8HRqhiYWAaJX4Wgvh6hRD6ltKvgKmB_B2M54Efh6dkETP1W38UcCtwQOCofVclCauaxFZ9J4gvyVgZcuSLqXDiZVaBq70tyyZyeWYIzbBbblsrf_IUwkU_a9itpiy8puAns8r-yodSKoZx9d4P8IObfXLei6wcNyrtOBgpDKAhGHpg3VFdRxj7Zi3VCQoXIXzYRjd4_SKmDh8YevBWHIJKVj6H_-8bWOlYGcQNEsw17SWZHC8AB-4N1s&sai=AMfl-YSlhEYbqtf7200NEyHXmA7msF2pOrXNw55mWziHwBv2jzoLr413kSFrY1JphU3__aAeEFBjNHEbhDkvPPXvbJGUJZmsOSmkulGu6OYK3fL-3LvEQ0c6yfVTuU6cO0jtShIE6mcxNmb6D3pdmhvNN5A&sig=Cg0ArKJSzKOUiHnkWfALEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 05:03:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 96A0 42 B
64 B 179ms
175ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss83AJj-V8aEgR7mNjROyWAQQjAPJzJbhH3eHILgS0-Re2JYikna-c42hUtz0QURImP3-TtTuEMG_89MP2WUQBAruA8-m-4SWdj3_PBPC1JGZCM9zy_pKF8ma1Chtom&sai=AMfl-YTMXb5STt4kxlrxhVdvESZSTySwucR-yuwqtLH3DrLlJfJHjzWqSLmv9G9jy22SFN-ifFXqpBIwvPDUw8LwiP7LpPhvYRs_LDcBWhmAuZxH9iNQrXHqTTt0Lr_Mhb59tvYDFfcdqdkjzqsOCUYA&sig=Cg0ArKJSzM4re2zhH7XEEAE&cid=CAQSTgBygQiDJ56_gquPsRlz7hP49SYMRK-4GuAmnhKnSiQ5iPlpnjjdAW6vadoblW5fKIGp44qjRnI02NIMt_Xt8um7IxhmoZS3snEIn0TsRhgB&id=lidar2&mcvt=2451&p=0,436,90,1164&mtos=2451,2451,2451,2451,2451&tos=2451,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2779983359&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687928604289&rpt=1832&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A4B 42 B
64 B 176ms
174ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPcm8LQRuYfFY8dRQO14jmQkLZITbXTRrldNXZoqt5PRcMcvxn-3ymPYCRbKFjISzU3Tj_ZNh2tXQuYgmLHmNV43uOiZGQebb2MN2yeNpJajUUCyvJgsvzVybK9eK6&sai=AMfl-YRULRFKG3Ij68roTFRV1AKCQ7_idZrTxNTotxQOpasOEwz4_TwzdLyOXKBxdLvoHnef2nvif5nx--BI557wyAGdDZy_in2FtgEhpjNOYv0kCoZdKYOwC6u_6yP_Gj6gy8-4G0K2zTS2ltWFam9n&sig=Cg0ArKJSzJ6FzWEdeBEcEAE&cid=CAQSTgBygQiDCKqtqHFgy8FqIWtXWzDmakn57wWMvpCaaIjRp6kBArBcdgBjgatL3XkGqaQQOvglPFL2BWrrm__AfGSSXtqIlOyH70SO15-_7hgB&id=lidar2&mcvt=2353&p=649,1065,899,1365&mtos=2353,2353,2353,2353,2353&tos=2353,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1198679254&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687928604555&rpt=1730&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0642 42 B
64 B 175ms
172ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK1mM8xxJ2dq3_c9VL9SopgZJ7lmOTLDuyuNXUY1AK2AGaL8IVF6B5zpcz6E9eNRoNZW3UwtlFJAlhgsQhizXGyWYUIbaoGK_UUnBZ9dME4N-j0Tmk9G6jAWUeNjiE&sai=AMfl-YQ8C_PMRpYF7twlTMj4BcmybcdoPxf2KAfxOc1QMprg4FQTAB7sMWrIgTtM-Key94XQb53et4FrjgmLpzEffcOfrZFP3YfeVs5C4Plz466Su0fek04cGSudCHHh-NxqB7w4fxyq6sqe0nzAaM0w&sig=Cg0ArKJSzGf4SBpLGXJ1EAE&cid=CAQSTgBygQiDsHxQLQvw4GugA-9FUZrLnPzpimeUKI6a7qdfzx2LeSXgfko2yCrSYZVzYoqtU1XZuPXs4EKP5vMgw27k87zdWFjKGAQX3R5IOBgB&id=lidar2&mcvt=2254&p=1023,235,1113,963&mtos=2254,2254,2254,2254,2254&tos=2254,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1547059643&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687928604505&rpt=1814&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6932 0
54 B 376ms
147ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljf941u6&c=2183950661435&slotId=1091975330717.5&qqid=CJvj34aY5f8CFaWW_Qcdpw8D-Q&fb=outstream-lima&gpm_i=10&gpm_c=10&gpm_a=10&smb=1000&br=833&mt=video%2Fmp4&vs=320x568&msm=1&aits=0&webm=5&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.3oh&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 103995_vast_040a8f2ead8d6ef378fa47e36dd398cf_b1c50c226489ccbb0a7f2.mp4
dsp-media.eskimi.com/upload/ Frame 6932 47 KB
0 942ms
463ms Media
video/mp4 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/103995_vast_040a8f2ead8d6ef378fa47e36dd398cf_b1c50c226489ccbb0a7f2.mp4

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.37 , United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-169-150-247-37.datapacket.com

Software

BunnyCDN-DE1-1080 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cdn-requestpullsuccess: True
date: Wed, 28 Jun 2023 05:03:29 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 723
Content-Range: bytes 0-629272/629273
cdn-cachedat: 06/14/2023 23:17:39
cdn-pullzone: 692289
Content-Length: 629273
last-modified: Wed, 14 Jun 2023 14:21:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6489cd05-99a19"
content-type: video/mp4
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 7669d422d643c3a7256e3cc7179fb911
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 13 Jun 2024 23:17:39 GMT

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame FBEC
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LJF93ZXG-28-F2IS
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---

0
230 B

150ms
150ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:30 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 82114

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Expires: 0

POST
H3 204 collect
analytics.google.com/g/ Frame 6010 0
17 B 150ms
149ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je36q0&_p=338464037&cid=1184271674.1687928600&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537276%2F%3FplayerType%3Dvideo-js&sid=1687928600&sct=1&seg=1&dr=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&dt=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2016-30%20%E0%B8%A1%E0%B8%B4%E0%B8%96%E0%B8%B8%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%99%202566%20%3AEmbed%20Video&en=scroll&ep.content_editor=newsgroup&ep.content_source=newsgroup&ep.content_category=mystery&ep.user_session_id=1687928603196.9xvpsbfz&ep.content_tag_primary=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&ep.content_tag_secondary=%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C&ep.content_unique_id=1537276&ep.content_editorial_type=user%20generated%20content%20(ugc)&ep.content_number_of_characters=37&ep.content_channel=video&ep.content_page_format=embedplayer&ep.content_tags=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%AA%E0%B8%B1%E0%B8%9B%E0%B8%94%E0%B8%B2%E0%B8%AB%E0%B9%8C%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoriscope%20Clip&ep.content_type=video&ep.adblock_tracker=false&ep.article_read=1&epn.user_non_personalized_ads=2&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHCTrFmlrfmskY_zgtLgTT9Fp7d7ph-fGNX0qXkP25BxGhKNm7JxAxQHTyq_ziBchrj0qr8gn6dqQh8HfyUlXFnYxNO7FWoGrPfygRLSWkuxGLXQi1Igc6N35iU1kz0Zu5LQfEpw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eggJPvoGplTO0lG4CZj6gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-eggJPvoGplTO0lG4CZj6gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 0087
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

35 B
599 B

166ms
165ms

Document
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 28 Jun 2023 05:03:32 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 28 Jun 2023 05:03:32 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame CB67
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
228 B

237ms
234ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAAAOpvzgAz
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 28 Jun 2023 05:03:29 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6948-MXP
x-timer: S1687928610.639197,VS0,VE101

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Wed, 28 Jun 2023 05:03:29 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAAAOpvzgAz
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6948-MXP
x-timer: S1687928609.391197,VS0,VE101

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 8957 0
221 B 550ms
147ms Document
text/plain 72.251.241.204
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 28 Jun 2023 05:03:29 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-6

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 54A5
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1vda61ii92um

42 B
307 B

141ms
138ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1vda61ii92um
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Wed, 28 Jun 2023 05:03:30 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1vda61ii92um
lws: 38
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 0D7F 43 B
203 B 2168ms
141ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Wed, 28 Jun 2023 05:03:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DFE7
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

146ms
145ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Wed, 28 Jun 2023 05:03:30 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D738
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

42 B
97 B

151ms
150ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 05:03:31 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 0BFB 43 B
279 B 2274ms
131ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Jun 2023 05:03:31 GMT
Vary: Accept-Encoding
X-adserver-worker: erebus-cd2781e2430f@version_1.557v3
X-core-time: 0ms
X-server-arch: v2

GET i.match
a.tribalfusion.com/ Frame 8780 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2592
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznWTjaaXagQbhTSbM&gdpr=0&gdpr_consent=

42 B
202 B

139ms
137ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznWTjaaXagQbhTSbM&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznWTjaaXagQbhTSbM&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 28FE
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687928611380
https://ad.turn.com/r/cs?pid=45&rndcb=2215955616
https://sync.1rx.io/usersync/turn/8328107424253339475?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003

42 B
97 B

152ms
152ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Wed, 28 Jun 2023 05:03:32 GMT
etag: RX605987e88e9248ec9109eef3cab2fa93003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 5D96 0
0 1431ms
132ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: keep-alive
Date: Wed, 28 Jun 2023 05:03:30 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CCF8
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=

1 B
53 B

146ms
145ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 28 Jun 2023 05:03:29 GMT
expires: Tue, 27 Jun 2023 05:03:29 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 3FF2 95 B
439 B 1373ms
140ms Image
image/png 104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:30 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7de362366cc42dcf-TBS
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 3FF2
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

435ms
146ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:39 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:39 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3FF2
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://spl.zeotap.com/?zdid=1332&zcluid=e771f140bf994c89
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c52fb549-65d1-45c5-7fa5-4f344063ed70&reqId=e7fe82a3-59f9-4db7-50a6-c965b693822a&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEGhLOFf2sfMf27h94KX0hpY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c52fb549-65d1-45c5-7fa5-4f344063ed70&reqId=e7fe82a3-59f9-4db7-50a6-c96...

95 B
177 B

147ms
143ms

Image
image/png

104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEGhLOFf2sfMf27h94KX0hpY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c52fb549-65d1-45c5-7fa5-4f344063ed70&reqId=e7fe82a3-59f9-4db7-50a6-c965b693822a&zcluid=e771f140bf994c89&zdid=1332

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:32 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7de362417b442dcf-TBS
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEGhLOFf2sfMf27h94KX0hpY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c52fb549-65d1-45c5-7fa5-4f344063ed70&reqId=e7fe82a3-59f9-4db7-50a6-c965b693822a&zcluid=e771f140bf994c89&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3FF2
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=

42 B
265 B

141ms
140ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:32 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3FF2
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fef221a-1c7d-4195-9178-8820603dd4c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

150ms
150ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fef221a-1c7d-4195-9178-8820603dd4c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7fef221a-1c7d-4195-9178-8820603dd4c1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 28 Jun 2023 05:03:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3FF2
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785

42 B
95 B

156ms
150ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 28 Jun 2023 05:03:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ca6c2ace-e38f-49f5-88f3-e32db87b7bfd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHCTrFmlrfmskY_zgtLgTT9Fp7d7ph-fGNX0qXkP25BxGhKNm7JxAxQHTyq_ziBchrj0qr8gn6dqQh8HfyUlXFnYxNO7FWoGrPfygRLSWkuxGLXQi1Igc6N35iU1kz0Zu5LQfEpw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_lahFtpQ-9OAaYvwipSBEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_lahFtpQ-9OAaYvwipSBEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHCTrFmlrfmskY_zgtLgTT9Fp7d7ph-fGNX0qXkP25BxGhKNm7JxAxQHTyq_ziBchrj0qr8gn6dqQh8HfyUlXFnYxNO7FWoGrPfygRLSWkuxGLXQi1Igc6N35iU1kz0Zu5LQfEpw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HsByLukuKNF-BwfMwTbknw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HsByLukuKNF-BwfMwTbknw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVaDwp97xlAZKb1gTNqNT_KTOTp5imXNrXbS2ivPymJ3VNA9-MnhsedGPyiEH1NuYUYKxed0f-_EvboZv9tq5MhUd6FDkMqi40zASZIGrE1SVGVlS6FEftsu9hy-rT58cAAUXNdCQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 180ms
180ms Script
application/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVaDwp97xlAZKb1gTNqNT_KTOTp5imXNrXbS2ivPymJ3VNA9-MnhsedGPyiEH1NuYUYKxed0f-_EvboZv9tq5MhUd6FDkMqi40zASZIGrE1SVGVlS6FEftsu9hy-rT58cAAUXNdCQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3OTI4NjA5LDQyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMCw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS93b21lbi8yMjA5NDEvIixudWxsLFtbOCwiSWN1ZlFJTEVTcGMiXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

fb0b7f80bdd77b5081047d7bccf6f1d6b484b111db13f6d6ebfa19885613a626

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iqkxOwAFSP9zBLqE-iMImQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iqkxOwAFSP9zBLqE-iMImQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 3DB0 95 B
234 B 1378ms
154ms Image
image/png 104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:30 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7de362366cc52dcf-TBS
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 3DB0
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

311ms
148ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:39 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:39 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

52799
stags.bluekai.com/site/ Frame 3DB0
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=33487fbd3a089494/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=8accbb1a521eef32

62 B
429 B

562ms
275ms

Image
image/gif

2.18.160.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=8accbb1a521eef32
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 2.18.160.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-160-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 28 Jun 2023 05:03:32 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=8accbb1a521eef32
content-length: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame C382
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

35 B
591 B

165ms
164ms

Document
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 28 Jun 2023 05:03:32 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 28 Jun 2023 05:03:32 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3DB0
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=

42 B
265 B

139ms
139ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:31 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 759B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
168 B

136ms
133ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAVD0uuqQBL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 12
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 28 Jun 2023 05:03:29 GMT
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 28
x-served-by: cache-mxp6948-MXP
x-timer: S1687928610.639012,VS0,VE0

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Wed, 28 Jun 2023 05:03:29 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQAVD0uuqQBL
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6948-MXP
x-timer: S1687928609.391179,VS0,VE100

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 7E8F 0
220 B 493ms
149ms Document
text/plain 72.251.241.204
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 28 Jun 2023 05:03:29 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-6

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3DB0
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4c257309-1168-4e9c-a40b-942a7ed9cc59&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

147ms
145ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4c257309-1168-4e9c-a40b-942a7ed9cc59&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4c257309-1168-4e9c-a40b-942a7ed9cc59&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 28 Jun 2023 05:03:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame ACB2
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pcntjmjbmkh9

42 B
231 B

149ms
148ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pcntjmjbmkh9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Wed, 28 Jun 2023 05:03:32 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pcntjmjbmkh9
lws: 123
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 40D5 43 B
369 B 2114ms
140ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Wed, 28 Jun 2023 05:03:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C62D
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

147ms
147ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Wed, 28 Jun 2023 05:03:30 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4D19
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

42 B
364 B

150ms
148ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 05:03:30 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET cookiesync
core.iprom.net/ Frame 91A5 0
0

GET i.match
a.tribalfusion.com/ Frame 6F29 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B5FF
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6870c14f802cf9ad/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050USTajbWMSaXjMRgQ&gdpr=0&gdpr_consent=

42 B
280 B

139ms
138ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050USTajbWMSaXjMRgQ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050USTajbWMSaXjMRgQ&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 360F
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687928611381
https://ad.turn.com/r/cs?pid=45&rndcb=3494956149
https://sync.1rx.io/usersync/turn/8328107424253339475?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003

42 B
254 B

148ms
148ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Wed, 28 Jun 2023 05:03:32 GMT
etag: RX605987e88e9248ec9109eef3cab2fa93003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 64AC 0
0 1508ms
139ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: keep-alive
Date: Wed, 28 Jun 2023 05:03:30 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3DB0
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785

42 B
95 B

155ms
149ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 28 Jun 2023 05:03:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 37640f9f-3903-4b9f-b4a7-5d97f421d4e7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0ED1
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=

1 B
53 B

166ms
163ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 28 Jun 2023 05:03:29 GMT
expires: Tue, 27 Jun 2023 05:03:29 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 0D28 95 B
234 B 1293ms
142ms Image
image/png 104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:30 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7de362366cc62dcf-TBS
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 0D28
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

267ms
148ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:39 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:39 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=42506BB5-4699-4248-8DC1-E5C15A48A7E9&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 0D28
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=afa44a28-be32-4884-b7e2-2e84609cee3b&icm&gdpr=0&gdpr_consent=&cver

35 B
248 B

265ms
139ms

Image
image/gif

141.94.171.216
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=147&mapped=afa44a28-be32-4884-b7e2-2e84609cee3b&icm&gdpr=0&gdpr_consent=&cver
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 141.94.171.216 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-10.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.onaudience.com/?partner=147&mapped=afa44a28-be32-4884-b7e2-2e84609cee3b&icm&gdpr=0&gdpr_consent=&cver
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 261

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame CF4F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

35 B
591 B

167ms
166ms

Document
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 28 Jun 2023 05:03:32 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 28 Jun 2023 05:03:32 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0D28
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=

42 B
264 B

140ms
140ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:31 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame BCAF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
147 B

137ms
134ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQADG4Fv3AAz
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 12
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 28 Jun 2023 05:03:29 GMT
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 29
x-served-by: cache-mxp6948-MXP
x-timer: S1687928610.639202,VS0,VE0

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Wed, 28 Jun 2023 05:03:29 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJu-IQADG4Fv3AAz
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6948-MXP
x-timer: S1687928609.391167,VS0,VE101

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 5FBB 0
220 B 420ms
150ms Document
text/plain 72.251.241.204
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 28 Jun 2023 05:03:29 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-6

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0D28
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:945e7e9f-6780-4798-a233-349853bec454&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

146ms
145ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:945e7e9f-6780-4798-a233-349853bec454&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:945e7e9f-6780-4798-a233-349853bec454&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 28 Jun 2023 05:03:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2998
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame CE7B
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=6jn4bzc6a1r8

42 B
309 B

141ms
141ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=6jn4bzc6a1r8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Wed, 28 Jun 2023 05:03:31 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=6jn4bzc6a1r8
lws: 126
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 4660 43 B
203 B 2038ms
141ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Wed, 28 Jun 2023 05:03:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C63B
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

146ms
146ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Wed, 28 Jun 2023 05:03:30 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A5AE
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=

42 B
97 B

152ms
150ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 05:03:30 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=42506BB5-4699-4248-8DC1-E5C15A48A7E9&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET cookiesync
core.iprom.net/ Frame CA54 0
0

GET i.match
a.tribalfusion.com/ Frame DBBD 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6C34
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e771f140bf994c89/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=7b6ef12cee5319d15451f11f38c32124&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTbMbWahMRRWjSR&gdpr=0&gdpr_consent=

42 B
202 B

139ms
138ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTbMbWahMRRWjSR&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznTTbMbWahMRRWjSR&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A7D5
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687928611383
https://ad.turn.com/r/cs?pid=45&rndcb=6574296872
https://sync.1rx.io/usersync/turn/8328107424253339475?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003

42 B
333 B

153ms
152ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Wed, 28 Jun 2023 05:03:32 GMT
etag: RX605987e88e9248ec9109eef3cab2fa93003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 564E 0
0 1592ms
137ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: keep-alive
Date: Wed, 28 Jun 2023 05:03:30 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0D28
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785

42 B
95 B

153ms
147ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 05:03:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 28 Jun 2023 05:03:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.181; 91.239.206.181; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c5673259-1339-43f1-9a8d-59db2dbced7a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5765200872278922785
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 33AC
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=

1 B
53 B

146ms
146ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 05:03:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 28 Jun 2023 05:03:29 GMT
expires: Tue, 27 Jun 2023 05:03:29 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7E612F18E5434AC5AE4AC517E1E74AFD&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FBEC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IxIjEy7_Q8WHcu4LTs9efA&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IxIjEy7_Q8WHcu4LTs9efA&gdpr=0

43 B
479 B

222ms
221ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IxIjEy7_Q8WHcu4LTs9efA&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MTVPQBFMS4RKRBY2SAHJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IxIjEy7_Q8WHcu4LTs9efA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FBEC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPPRg9EuE1JnBKjtGTCB51U&google_cver=1

42 B
723 B

131ms
131ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPPRg9EuE1JnBKjtGTCB51U&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPPRg9EuE1JnBKjtGTCB51U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FBEC
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=&expires=30

42 B
723 B

247ms
133ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=afa44a28-be32-4884-b7e2-2e84609cee3b&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FBEC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpGOTNaWEctMjgtRjJJUw==&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEPij_7ps0vEWwEWFMPWvTCA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=&gdpr=0

170 B
188 B

152ms
149ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGOTNaWEctMjgtRjJJUw==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FBEC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/WqkqBYON2K9GtHsAnkoCHMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N09JKepE2oLznC4QI8ACEJEMuajDuY.Pujzjyw--~A

42 B
723 B

131ms
130ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N09JKepE2oLznC4QI8ACEJEMuajDuY.Pujzjyw--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N09JKepE2oLznC4QI8ACEJEMuajDuY.Pujzjyw--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FBEC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWI2YjkxNGRmYTBlMjI0ZmU4MGY1OWYwYmYzMGRlMGM4NTNlYTg1OA&gdpr=0&us_privacy=1---

170 B
188 B

144ms
142ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWI2YjkxNGRmYTBlMjI0ZmU4MGY1OWYwYmYzMGRlMGM4NTNlYTg1OA&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWI2YjkxNGRmYTBlMjI0ZmU4MGY1OWYwYmYzMGRlMGM4NTNlYTg1OA&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame FBEC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---

0
515 B

562ms
295ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 875A162651124968B5ED0E2828CDD699 Ref B: VIEEDGE3417 Ref C: 2023-06-28T05:03:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/KYFP+2rFxVB+vVnxmg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJF93ZXG-28-F2IS&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame FBEC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eBbUyhMLRyucVzYCTzwr3w&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eBbUyhMLRyucVzYCTzwr3w&gdpr=0

43 B
479 B

169ms
169ms

Image
image/gif

67.220.228.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eBbUyhMLRyucVzYCTzwr3w&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 05:03:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 80T385222EQPHYSKD35B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eBbUyhMLRyucVzYCTzwr3w&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H3 204 AGSKWxWn0OBmMQgfpc-A69a1JlNhwJB3RZ0-GE4HeJHB_5HhRvuDZHV91Jqk6tGDa1r5LNa1UvZF_kfn8oQOE_mUXVSEy1kOZqiYQkduDtiA31QY5ZXHr6a-uZVyyT8Den9TgzQLFiN31w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 157ms
156ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWn0OBmMQgfpc-A69a1JlNhwJB3RZ0-GE4HeJHB_5HhRvuDZHV91Jqk6tGDa1r5LNa1UvZF_kfn8oQOE_mUXVSEy1kOZqiYQkduDtiA31QY5ZXHr6a-uZVyyT8Den9TgzQLFiN31w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UFVesWUVdkLXNm9pceehWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-UFVesWUVdkLXNm9pceehWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 608B 0
20 B 176ms
176ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B78vLHb-bZI6FIZWj3wPEzbWAAgAAAAA4AeAEAg&bg=!ODulO2_NAAYQ3eRoMN07ADkAdvg8WgKjnwe967tShs9jze3jvnKM_hEcahQWGTdmV1zH7Bw92fCtdc8DN-ey0TSjzSXtqjiA89UCAAACeFIAAAAIaAEHmQLnkr-3sGHNQJ_RYQF-6WAqZKiuASTuKM1qsH8QyXWOPpQYOTDMCqvPJIYkQwSwpml_fcK224K9Y8Syf0HKCiwl7_6ASSQIw7LOOhAEfJXraHyWcrcL2mCYI2ZKo5nGQI2WG0IeGe6H6bi3lWiTA9OVr9TC9_tuZ2rTBkTG-04EJzddeL-5tVP8Q5y0X9cDFz2LYsNmRBIu79VI7gkMgNB-gd4pw11bv7UvGeC9plWAynSdQYHV33d_fMNDbZlNr-dGSTykP9H8ZM5_AIeXf7Tv-nFpempspHG7LPht_kubvLOoaxp7_7pKWLjsqf86IOgVaZXVDZP2vBf8e29r9GdoAfWAxZz4I5TUdG2GJlXvKV6hMlIttXCTS5xJxOA3fM4W4P0O_U2rosGdzFvLdXvR95MdBLb-EIlc1AWFPPxMejHgJ3r08R8gEG3hhjh-qRV_heoC8YfK4jkrChcNWQi_ZS-YN6cRAEGrZoF7ypHjD3dyFBhVp0tlAYAV99XqncXjtBzVa40vWAyL6LSClHio9c3JtiAkGzeKu-jbV2TQlzKZEPwDgSHRdtRx1jgnmwYuwWUFS93TEcTKQ1SWvjdCZ9T6uS3BBaTFiJpU8lqWOwjsBeZQK3CNl0XSqMSf8O2OKZP_IWcI4G6YsoOquI5W2ForEddK6s0X_eFchK_STyhAkwNR-3zSTABY7rAVldj-DzJLsuWqJKftBJ1jJwh2HrjUpyJfLQeuyPrnzLHT2pI1ZEd8iOXd3RnPPOUslHDbEMLYTknuWvlCe42XMs9eHyxzxj6asVzPKtEoKda-EIceEZKd-l_yWcOSBDMmj4TZvRKYPjvfKFcyaHb_zuAHAXsn7MzuHjLKOi-iZYwfiDtHlFG_IIYL9V3Wd3rpznUzuR1cNmNN64auZW4-fv1AFTaeaZZGN3ECvFgpEsh82J5GnvXIeHzpBUKhE3estOx8Ct9KdPimKSh0SVPbKm_sCiQvEknan8w

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 348D 0
20 B 169ms
168ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdzNHHb-bZJHDMqqm9u8PsvKpuA4AAAAAOAHgBAI&bg=!wsGlwZXNAAYQ3eRoMN07ADkAdvg8WtXsWvcKQSldQx0eipl2M6SpSryCxCOY1_fsIjnlyq1qAjj3y31dLdqRPFF-CQSZh7HNvRUCAAACglIAAAACaAEHCgB9p5YAeYO1AFleUghaO1WKpMXDaZhsGR8QsfULoRP5o2BnqCx12UVpi6EpZVCtoN8cBIPsAPvawKdpfhI3Ev1J637SdLCBvOQIY7bj3E3cJcKODwNCT6ySxVSsqJs5RTnbwS0UeM4-wfwaO_kgAM7uqXAwZ4NUn8GYLrXbyMiZAuxC5UXZFj6Na8RTB9g0p_7Im-ymppHvS-T8XaeAR2kf9Vlo-wWjBnRt50k8b8nABFJNOKq3rcdDx1QU8h5Hlgdf4NpvHBbTEPSUCvr-PlP6QqC2xQoIQJYH3R4IBk0lW-18JFTQ4Uzisk3qsmLxqU-WL90BGMhS3Y59G_MslTRUC1qfovkKDEJfifnkmgQHIqQWU6pIitOFZnwEWFgvD2H66VHU1RD5u2Xctgto7XBEYiz_On3xpP1ntJk5RHKW7MLnLaNhDJSWqdzgBa0TOUbrmlQDwNsXu9RFlNGTUojgv2wpxmLCivpn5XiDzpRFassvbdPO3WusPWdrjSYISH1_iut01HAxt2i-SKlk7qq9DZH3OZcQgJfu61p1bu2jcBXRP44mW_AvzmU2fIO59eRmrg8kW3bvpft0BmcF0zhj0WjzfiWwQmgaCqzPzMmEHwQvIlFHFQO-JmruAsVH3L6KNOQA7rQ04DplsXkQ0kqk01AwdZmYVxD0xkoQHx6H7KbPbNhVJbR9D2CF7rsdBgueO9L8c3J8UMHBJOfOTA3_GaaDdkj4PtU0wPSJQ3AlELaeLlUxIM4F4-x7q4P27HDNpV7Xl2Km9X6yn_a621and2Eo3H9jZlYo6PZEIk2HUtx-g2d_VY6V1_iFhBo10Q2lnTOA464jMqI4o8cLNTFlwQsF-BH0wZvCTXiF-oBT3ZaoXEGOflHhw9PqetDBzRpVC0geMEhl2Ru5TeXsCkOgnuEHqpZIxtSyp9FqxgvG3y4pod7UfZeFdTZWSzSetLqnd_MnUjN-VFAKXHoG_fA4tgE2DUSU447WyT2r7_QddU6IO6v1gA5eHwEYMQEcYiTJLm3aW4Hz2kf-kiLEPh3HXrCcpXETPqwkoVva5GqtDWe6PPgqBV0u58YiHpS3QQ7k45toT6oNXSmK-xya0g4zGH-dFyi9uhpXYgBBuWUnDfIrKl8KvYxm9_-A9zmeD-ZNguvl9w-q_X6bGL-z

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 68B4 0
20 B 167ms
167ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuYZsHb-bZM3gMdCmgAe__qTQCgAAAAA4AeAEAg&bg=!GxilGEzNAAYQ3eRoMN07ADkAdvg8WgbQ0tw9r82ugyKILv8QbS7xFshp-XIpXyEDn3AkhGK7eVsDcZ9S7XH8fUIY9_46T5kkb5ICAAACtFIAAAADaAEHmQLrmuKvCVAO4BcQFq7yX5vYSX8dsTV5e6zsWOUdRcHGZbnjVe9ZOfm43IlXq54YjdHBjSb1dp_adZQQJZpQ6z4kBwN3nKixIBCgAHNNkfCEY2zru5p05hWaXKGBGUpvPy9wmRUPpEFDsh5ZMe3v8_LMD98dUHJ4-7ZrNNno5yKx1_iTs7btrxD_2GI5iEvFi6lQVdKoIaHc1qdkE4eOKT30gsYTVrEvpgWmTLpuCrc8rvfsvshEBaDoRpyQMsTwygKcABqeRHhPdmmQpW86ykczRKNgdQtSAA8t8WozvGOeoqZpY0ESeBqkipnhy798OQjUKRupsXw_pvJ9jbwnERRTOrgyWBgbPrt9WSCtMB_OUsIc14jFUqjE7Vz2QbF3Uc3IiZLuheFcQ459akFz4S-w8Y0uC8pA1kz-X7Ih6Ewvbp8QWXZ54q5QL1M14uNkFfiqPGtRjY3B13irr-ROwOiXfsOqiB9CJU4eLnsKaTthfdwz72Vn-dau6gBpjXtQSH8pj8r_ZJZ6dcPSUdbvZKq3R4txXt0LpwIyRTJasCu6AXj6yn9Mq4RKnHLMdo-T-u7iRn1JWeJkkjkNrF1O0M2jxwJF4qC9cv0B_rO2DTvKZXr9YqSvnLiWzi_S04AywzRsNCvNuXoOjlRpjlpo_i89q5ZSsuYDla5wZwcwMY5mrdY0DZjd0VV99Eg14T8YmlGaFBWU7Z2KSe_z71y-uQK2FTNMqixcuaInprp5YNoj5AO2k5mou2JNzeF-V2eZIwe1nFoIw7y6Kksz7S7pT_LrDUpKPQsgzPztOr_laxpVH8C_H5K4ht6aPjgkBoDePaGOU_qYw1W_zAYTHXcoIpY3HOcKBdIXZWWwh8Q8qPlt6BELA5F01Ia9fI5ku4o8t4vXrWMHfujpmKbg3gqM57WfSkMPWTSszdfckfghy42gf7c4lc6Tf7zOD0Nz25iGQ_04bFhTdSbj7bR_lY1FvchIuwT9ocfrZRmk4Cav

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 3 KB
2 KB 335ms
335ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=208401&tagid=1047981&crid=-1&noaop=3&sortOrderType=0&cb=1687928609653&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1529&pt=-1845244211&tz=0&viewable=true&ddast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=esv_vB!lvlstst-in2_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1&panid=202e06318a2544c6c1d73352adfda9fb927a690e944469bca1fcd681882cf7de
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 943cffc6d85a2eecc6f121949a6aa0010ebceeaddc7fff23372c71c87567aee9

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 28 Jun 2023 05:03:29 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1448
x-cache: MISS
x-served-by: cache-mxp6942-MXP
pragma: no-cache
server: nginx
x-timer: S1687928610.729978,VS0,VE197
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 206 103995_vast_040a8f2ead8d6ef378fa47e36dd398cf_b1c50c226489ccbb0a7f2.mp4
dsp-media.eskimi.com/upload/ Frame 6932 7 KB
7 KB 176ms
175ms Media
video/mp4 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/103995_vast_040a8f2ead8d6ef378fa47e36dd398cf_b1c50c226489ccbb0a7f2.mp4

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.37 , United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-169-150-247-37.datapacket.com

Software

BunnyCDN-DE1-1080 /

Resource Hash

a68a6a1cb0ae423200a62015c7f0b130fc6d67f3d5c00492649f9f16a648024b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=622592-

Response headers

cdn-requestpullsuccess: True
date: Wed, 28 Jun 2023 05:03:29 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 723
Content-Range: bytes 622592-629272/629273
cdn-cachedat: 06/14/2023 23:17:39
cdn-pullzone: 692289
Content-Length: 6681
last-modified: Wed, 14 Jun 2023 14:21:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6489cd05-99a19"
content-type: video/mp4
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 1931f062297c7fdfe364a75362ff7fb0
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 13 Jun 2024 23:17:39 GMT

GET
H2 206 103995_vast_040a8f2ead8d6ef378fa47e36dd398cf_b1c50c226489ccbb0a7f2.mp4
dsp-media.eskimi.com/upload/ Frame 6932 583 KB
584 KB 155ms
155ms Media
video/mp4 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/103995_vast_040a8f2ead8d6ef378fa47e36dd398cf_b1c50c226489ccbb0a7f2.mp4

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.37 , United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-169-150-247-37.datapacket.com

Software

BunnyCDN-DE1-1080 /

Resource Hash

fbfe6b54acb44141865f8871f390e45e3be5738aeb77bfdff8173fba39fd385c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=32768-

Response headers

cdn-requestpullsuccess: True
date: Wed, 28 Jun 2023 05:03:29 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 723
Content-Range: bytes 32768-629272/629273
cdn-cachedat: 06/14/2023 23:17:39
cdn-pullzone: 692289
Content-Length: 596505
last-modified: Wed, 14 Jun 2023 14:21:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6489cd05-99a19"
content-type: video/mp4
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 8b6e5c106ab8b304a2a989db60a1b80c
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 13 Jun 2024 23:17:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 96A0 0
20 B 170ms
170ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4802629453213&version=m202301230201&ct=77&x=1&cor=2053284010352760600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0642 0
20 B 165ms
165ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=580699787413&version=m202301230201&ct=77&x=1&cor=303992262618112260

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A4B 0
20 B 165ms
164ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3878319327705&version=m202301230201&ct=77&x=1&cor=4616080017104061000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3FF2 0
128 B 152ms
150ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3DB0 0
48 B 162ms
159ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0D28 0
128 B 150ms
150ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 nissanpatrolgeo_2.png
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 5 KB
5 KB 145ms
143ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/nissanpatrolgeo_2.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4f0ffd15bb00264d4682dff1d2fa701fe1ab85db6f77dc5a7706d346f22cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233853
alt-svc: h3=":443"; ma=86400
content-length: 5242
last-modified: Wed, 21 Jun 2023 16:27:34 GMT
server: cloudflare
etag: "649324f6-147a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQ0c2OKmq4IiSdiRHdr88oIxXxrrALtztySkA2BAyie5lJizS%2BjCpnvVMalQVo3IWaqrMWcaxvdm3NaCwN1lgOSS7KsK3Cf76shYz0ftm5x4QKHUkJTH91sZAZcn9LPzOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623cff5a2bcf-FRA

GET
H2 200 nissanxtrailgeo_1.png
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 5 KB
5 KB 196ms
195ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/nissanxtrailgeo_1.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b7a0f74d6167961091562429f20cae466bc8265e2803a22f99200e89f7c93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233853
alt-svc: h3=":443"; ma=86400
content-length: 5078
last-modified: Wed, 21 Jun 2023 16:27:16 GMT
server: cloudflare
etag: "649324e4-13d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Fm53hPo%2BBQsrlRZjZcU5vIgKXhP1GOM%2FTm8uCmm%2FEooSOyYYYIJCpzvsny4UHvE%2F7KZ5ap67lE%2BhtgwNEDItfJCIfYKO1AM0m%2Bd4ldfVuHoSFpOPQP5QTJZTF%2FpviNmfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623cff5b2bcf-FRA

GET
H2 200 300x250bg.png
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 23 KB
23 KB 200ms
198ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/300x250bg.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4780cf7bd83405e6b410c77b2f65a827705c3ae367744211867d5c2fbe24612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233853
alt-svc: h3=":443"; ma=86400
content-length: 23685
last-modified: Sat, 24 Jun 2023 11:17:52 GMT
server: cloudflare
etag: "6496d0e0-5c85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4n5BjRo1e3gzPj7GgI75FtQrykzdZXtJ7Ji2JUrZTomhbjQ10iPRcPmh%2Fv0lfhVrOyGKAT7Z%2Fxh8eJq7FrDmIy8lyv5AcuMP51bycZZPvHv9Lzk8l6vtWrG%2FZbrCdPDWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623cff5c2bcf-FRA

GET
H2 200 300x250patrol2.png
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 339 KB
340 KB 201ms
200ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/300x250patrol2.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215f4ef2146f44284e28d5e6334dd7eb736ca0ec7ea148d16d7bf2c45988bdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233853
alt-svc: h3=":443"; ma=86400
content-length: 347624
last-modified: Sat, 24 Jun 2023 12:12:14 GMT
server: cloudflare
etag: "6496dd9e-54de8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTArdBnh%2Fb21WDy%2Brn9viqsYTEx9LpNJt6nsqx6h4eeXMuOs%2B6QOg7i%2B%2FsU%2BB9JiOLKPULxE7UDWOEOYnT7yzsRewcwZk2ns%2FErNGhYVTRfD%2F%2BqtckcMG52Ot7vzbluJmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623cff5d2bcf-FRA

GET
H2 200 300x250patrol1.png
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 425 KB
426 KB 202ms
201ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/300x250patrol1.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856b260e65068aea3b94cdb9e6c2074d9c7a79e9d1dd38b5114dd3a72ea11264

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233853
alt-svc: h3=":443"; ma=86400
content-length: 435304
last-modified: Sat, 24 Jun 2023 12:12:16 GMT
server: cloudflare
etag: "6496dda0-6a468"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnETKmAe99gGwst%2BOQ%2FSb%2BsYUss%2FKeF4R1XEXmLZcEq%2FJK%2BPMUVs8uAAqTM7Z1%2FeLXyuYu%2B%2BJEiZWfztzUbBcIX6iSJy6M10xRt7vc2leVppeA4nQq59BXHZexS%2BT6B%2B%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623cff5f2bcf-FRA

GET
H2 200 2.jpg
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 132 KB
133 KB 146ms
145ms Image
image/jpeg 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/2.jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97348c353f76a887e0b17194356c30e88de422ceb21c5971c6ab6b13122cc545

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233853
alt-svc: h3=":443"; ma=86400
content-length: 135215
last-modified: Thu, 22 Jun 2023 09:42:44 GMT
server: cloudflare
etag: "64941794-2102f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dZb4IWkERXaiJHCuQVXLEPM32wR%2BnY5Zka7swiNXmjXvGSxrTHFM1%2Bz4ea1iUzdI9oxlaYyHtw5HIRbMVVBqUUfyz22Z%2BvysYZi%2BRJJFfd%2FJbBecUjlUcu2%2FQwZQHsiow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623cff612bcf-FRA

GET
H2 200 1.jpg
cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/ Frame D0C5 183 KB
183 KB 201ms
201ms Image
image/jpeg 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/1.jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c9a8181bf7dd6670130c3ab66b5ed62fb1056657de6b32525304e31af15922

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/c0be70244b48e8fce79eeaa6eb1227dc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233853
alt-svc: h3=":443"; ma=86400
content-length: 187150
last-modified: Thu, 22 Jun 2023 09:40:28 GMT
server: cloudflare
etag: "6494170c-2db0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSwyLvRP4duB%2Bg3jZOz2fRXifAfw%2FJ1QDjDkP4J08HahR%2FuHZnvOiyHfyeDEqsoi1uQrw1%2FShu7dFwtJLiZWpCpk5OiWpLledsli5vtfXMgEKmH9FobO%2FZjijOFPpnjSNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623cff622bcf-FRA

GET
H2 200 728x90bg.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 29 KB
29 KB 200ms
195ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/728x90bg.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aaf0fa9fd2c6ca4f097f5943e0398408ee52a5d9663cae23b4fdd68e436ef42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 29486
last-modified: Sat, 24 Jun 2023 11:29:28 GMT
server: cloudflare
etag: "6496d398-732e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXCYXHdaINsVT%2Fz%2FToeQFvCDyqnT%2FLhkRH8VQsPFVYyw0DIoOWQMQ8mNPlWwZjxWlPB57xovnMTB0%2BZAfbihJ6k200%2FDquA%2FUE8hmyI4rqGFZ8LNcUqVMdDH%2FQUSeRNYHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d0f6d2bcf-FRA

GET
H2 200 nissanpatrolgeo_2.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 5 KB
5 KB 199ms
195ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/nissanpatrolgeo_2.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4f0ffd15bb00264d4682dff1d2fa701fe1ab85db6f77dc5a7706d346f22cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 5242
last-modified: Wed, 21 Jun 2023 16:27:34 GMT
server: cloudflare
etag: "649324f6-147a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFcDNcfAv6P1Tdr9SAoEceDDDzlyYGzwzhm%2By74An5SzA1XjJuPxgaVkpSmQNJoDwxwozAvRtjERy9J4XTJ79h2%2BCAXeQo2Gok%2FDUlaZqS8QWqq%2FwkhybkwBPkLkoBSmvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d0f6e2bcf-FRA

GET
H2 200 nissanxtrailgeo_1.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 5 KB
5 KB 201ms
197ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/nissanxtrailgeo_1.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b7a0f74d6167961091562429f20cae466bc8265e2803a22f99200e89f7c93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 5078
last-modified: Wed, 21 Jun 2023 16:27:16 GMT
server: cloudflare
etag: "649324e4-13d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv1ZCa8UJuJGUn8U7HLDGZ4Qx58Lq%2FgUQ9qzeNgNiJ6cEzSVV2Xph6UtbKznjp5TcZ5qdSc%2BGbAIU7lzaUR%2FKGp3McGh29xxvOA0n65LyhE9eSpATs3eXACkrqtWMk2vZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d0f6f2bcf-FRA

GET
H2 200 970x90patrol2.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 98 KB
99 KB 251ms
247ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/970x90patrol2.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d2bdb5484bfb6a7cf3372118314b287d5f1cd8f64e942dce92853b4eeef968

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233833
alt-svc: h3=":443"; ma=86400
content-length: 100559
last-modified: Sat, 24 Jun 2023 14:03:02 GMT
server: cloudflare
etag: "6496f796-188cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZmO%2FxrFY4kKePYbLEygXqOR7AZgsV%2Bs%2FXvURjTl%2Bi6VQ7G7%2BwugianjOhOAF5wz%2BxwK%2F8FQoFibBUIz0cGWcuKP%2Brc4owUtFCymOyvcAfmE3JNJ25OWsnnAk%2FeiOK8JAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fcb2bcf-FRA

GET
H2 200 970x90patrol1.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 212 KB
213 KB 281ms
277ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/970x90patrol1.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e57411e4f4b90c5f7fde3904f8a10035a1057945eb0235b99d682a1acd3d0932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233833
alt-svc: h3=":443"; ma=86400
content-length: 217537
last-modified: Sat, 24 Jun 2023 14:02:54 GMT
server: cloudflare
etag: "6496f78e-351c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8KQOnYyG6KpaeQ5NoOkaekqvfF94EorpCpzOSwIZVdQ6%2BOsOf4JKBZlorUU6MQGIaUFEVZdM1xcYIBkQa7dLUbWpLolDdzWfGIUbOnJlTwtk%2BIIOTYDJV2o3ZD1fCW7Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fcc2bcf-FRA

GET
H2 200 2.jpg
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 87 KB
87 KB 253ms
249ms Image
image/jpeg 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/2.jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b42d89f560227ed71458d7c74b92caa44de221bb9209c369cec8c75f97f2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 88938
last-modified: Thu, 22 Jun 2023 10:40:28 GMT
server: cloudflare
etag: "6494251c-15b6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oaas%2Bpkrp3%2BkGdU208Cxzgx5LPec83puq7Mpi%2BwBlbY8%2FACcSK82ewW3GNSBo564EOb9izBrPz5gtbYFQM8eyLRKQJ2My%2BQxDwHRHvNoyDwHmK3G%2F%2FHNoVg8Bu%2FREwCHpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fcd2bcf-FRA

GET
H2 200 1.jpg
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame FA05 109 KB
109 KB 253ms
250ms Image
image/jpeg 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/1.jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b0e6770451c05ca7eaf824e5768e9a5cfc4a47ed325c6f5919599a9cca3568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233833
alt-svc: h3=":443"; ma=86400
content-length: 111221
last-modified: Thu, 22 Jun 2023 10:38:40 GMT
server: cloudflare
etag: "649424b0-1b275"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShZZ5heGHoXvnpgVQqVR8e2%2Bcw%2FksFyj66cAHEe%2F9JC6%2FdrDmlF%2F3HvN0muBV19FKHsOZq9aNw%2FiV0yitYl0FgsmYXj04tRjCrtcu66tJ7gowM9P0cUCsW4XZe7u2v%2Ba%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fcf2bcf-FRA

GET
H2 200 728x90bg.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 29 KB
29 KB 256ms
253ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/728x90bg.png

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aaf0fa9fd2c6ca4f097f5943e0398408ee52a5d9663cae23b4fdd68e436ef42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 29486
last-modified: Sat, 24 Jun 2023 11:29:28 GMT
server: cloudflare
etag: "6496d398-732e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8KfnKQukGz%2B2Y21UObNbCPvw93H3W3cofXZnhoPikgAMllg%2BdFFPHOZ6DJqMEYAjLctC8O9qFvYwG1FC3Kv7r66j%2Fk8vakbi0iquhE2RdLNKyUtz4GdqzkTcLIZY5uG6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fd02bcf-FRA

GET
H2 200 nissanpatrolgeo_2.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 5 KB
5 KB 253ms
251ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/nissanpatrolgeo_2.png

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4f0ffd15bb00264d4682dff1d2fa701fe1ab85db6f77dc5a7706d346f22cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 5242
last-modified: Wed, 21 Jun 2023 16:27:34 GMT
server: cloudflare
etag: "649324f6-147a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RezxincxjPaDXC1BqvXOlHqUU03HEXUwL1fuISiWZeH1siJig7qFMWKKJQjLni7Hd5LFh1T04NI%2FhLv%2B5bpnNfSik6FZ6bE27CGfTXn8%2FJT4cYKeaKl0EVx9nHRApEEjfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fd42bcf-FRA

GET
H2 200 nissanxtrailgeo_1.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 5 KB
5 KB 257ms
255ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/nissanxtrailgeo_1.png

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b7a0f74d6167961091562429f20cae466bc8265e2803a22f99200e89f7c93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 5078
last-modified: Wed, 21 Jun 2023 16:27:16 GMT
server: cloudflare
etag: "649324e4-13d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0b6BZ5sJYiaoqq25t5anXdOCJZIAcYPPsgNRHZMJ%2BZ2pp0p1Y0nsHVQwAdeLR69C98T%2B8Vb3QmKgUARI7xFBgyx8x73jpDGCBdj1kgDywNFzC6YRquYA5C27gokWpH282Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fd52bcf-FRA

GET
H2 200 970x90patrol2.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 98 KB
99 KB 254ms
251ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/970x90patrol2.png

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d2bdb5484bfb6a7cf3372118314b287d5f1cd8f64e942dce92853b4eeef968

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233833
alt-svc: h3=":443"; ma=86400
content-length: 100559
last-modified: Sat, 24 Jun 2023 14:03:02 GMT
server: cloudflare
etag: "6496f796-188cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbbMi2aGW411D8omI1A6JWbcgmHTkbzQtSlSOuZ3cN%2FXPQ8tmbGzr4jw9XukYDzJweOq1d60YeAVQziF4NqBjq64NLDQSb6tLQx9GC146j7%2FR0BrTeTu9ENhLmjiWFwA7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fd62bcf-FRA

GET
H2 200 970x90patrol1.png
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 212 KB
213 KB 281ms
279ms Image
image/png 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/970x90patrol1.png

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e57411e4f4b90c5f7fde3904f8a10035a1057945eb0235b99d682a1acd3d0932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233833
alt-svc: h3=":443"; ma=86400
content-length: 217537
last-modified: Sat, 24 Jun 2023 14:02:54 GMT
server: cloudflare
etag: "6496f78e-351c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1S0poEKaQ%2FuE6h%2Bk2QPxQoL%2FRQXMfpwAWfnLEm8d4ix%2FMEJneNIUc89%2BAy8pAGpKPDI924bvPTF5VMcFgXqfRgLLtdJ8TJy1Gvpu3kQ8WOVOlCUq6XV%2BuKNfyKf0lj9NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fd72bcf-FRA

GET
H2 200 2.jpg
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 87 KB
87 KB 281ms
278ms Image
image/jpeg 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/2.jpg

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b42d89f560227ed71458d7c74b92caa44de221bb9209c369cec8c75f97f2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233834
alt-svc: h3=":443"; ma=86400
content-length: 88938
last-modified: Thu, 22 Jun 2023 10:40:28 GMT
server: cloudflare
etag: "6494251c-15b6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0MCGnTk7DW%2F%2BJPnDt6ToUXPY44oSOin50mf8F2sHFAo1uYG1jFwEQjPqO6%2B0ecrnilNJK2IIPpKN6jtJH80O8pm1eVj8kI4DF08UAGzkJynb%2BYYQlin7BS34wEFBBBNeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fd82bcf-FRA

GET
H2 200 1.jpg
cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/ Frame 109D 109 KB
109 KB 280ms
278ms Image
image/jpeg 104.21.234.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/1.jpg

Requested by

Host: cdn.adviad.com
URL: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b0e6770451c05ca7eaf824e5768e9a5cfc4a47ed325c6f5919599a9cca3568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://cdn.adviad.com/storage/2023/06/25/b7b5f39eb05a1aa165484f1f53be78c1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233833
alt-svc: h3=":443"; ma=86400
content-length: 111221
last-modified: Thu, 22 Jun 2023 10:38:40 GMT
server: cloudflare
etag: "649424b0-1b275"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyAXtK3QhcSomMxosud6KrV2ruJPZX6fc0Dc5e2k%2BHKzDpQXIFKzdnW%2Fx0NC4irwaMRAe%2B5A1a11sGkvhIr57ZuMJzp0T0umMenzKrJ8BXqVw0y%2BoC6IusjHZq8Jmfki2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=304800
accept-ranges: bytes
cf-ray: 7de3623d6fd92bcf-FRA

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 469 B
824 B 134ms
131ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:19:36 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 6235
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 469
x-amz-cf-id: pv75uli_h74Ozgnn3iatRxcY_PwI_C5lqR0JyHlB5qZcea7KPu6pjw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 402ms
134ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
date: Tue, 27 Jun 2023 09:19:26 GMT
x-amz-cf-pop: FRA56-P6
age: 71048
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: TerVKbJ_mC0YyWhZWNUJNG2j_UKm6KGGtkRC9ix8ELDS0EDGUz-3uQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 77ms
77ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:03:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: XR7EF7H6YR40AMPC
age: 287
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7de362469a9d2dcd-TBS
x-amz-id-2: QthhWlzIbsBcSm/J02d9Yl+DWHAOQGPi+HbzMFdVNcjbzzR2uhBFXmUd8XnAOCo9OpdSs9YAFVmcPJ0/IVeXXg==

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9E44
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Z0JnNzMQbzF8QztkZkRzNjBPamN8RmgxZhJSkwxs

43 B
61 B

146ms
145ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Z0JnNzMQbzF8QztkZkRzNjBPamN8RmgxZhJSkwxs
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Z0JnNzMQbzF8QztkZkRzNjBPamN8RmgxZhJSkwxs
date: Wed, 28 Jun 2023 05:03:33 GMT
cache-control: private, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 9E44
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3077284338825082833

43 B
106 B

151ms
145ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3077284338825082833
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3077284338825082833
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9E44
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=2c25c854-2381-732d-e578-d73ebb816a59&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa44a28-be32-4884-b7e2-2e84609cee3b&ttd_puid=2c25c854-2381-732d-e578-d73ebb816a59&gdpr=0&gdpr_consent=

43 B
62 B

170ms
165ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa44a28-be32-4884-b7e2-2e84609cee3b&ttd_puid=2c25c854-2381-732d-e578-d73ebb816a59&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=afa44a28-be32-4884-b7e2-2e84609cee3b&ttd_puid=2c25c854-2381-732d-e578-d73ebb816a59&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 9E44 170 B
188 B 143ms
143ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDA0YTFiOWUtZWFmNi0yZDg5LWYwOTgtOGQ4NzcxNjNhNDM5

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9E44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1

43 B
61 B

147ms
145ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN2_CPu3xg6JeABO2fdypvY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 391ms
131ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

19677d061ebecf56a68d8a379c102b114ac5f901cd50873f0d98545e0d6f00ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Wed, 28 Jun 2023 05:03:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 984.json Show response
id5-sync.com/g/v2/ 595 B
1 KB 135ms
133ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/984.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

4ffd5f0dfb7b77ede843f2f03f5ca1527ce8d76b70f884ff6dc6861c65652496

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 05:03:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 3 KB
2 KB 218ms
210ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=208401&tagid=1047981&crid=-1&noaop=3&sortOrderType=0&cb=1687928614657&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1529&pt=-1845244211&tz=0&viewable=true&ddast=V8GoQCLAbM_EDMOI-yeBGY-YGYcR5l8SoAAABgYED8AAlZlhOHx-Zwq5Yz11q0HC7cwtVy41YMFxaLbeLZTVajISAhy3Li8NgcbtVy5lqLlsOFW7habtyK4cJisU08u8lqNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEISc4s36AvJ3IgWbRRgBAAAA2Hp3rj0ySSeoWFT5___vtwJwBQAgIBFA7G8ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw_IeJyT5XAyHIwsq8XMNvIYdqvlZrFYjGYTy8jl2x5DJtxNjnbe2z4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMxrJcbJaztW4wGblFG5tnrfBMZm7VcDNbDFarwWy3WYteH9PFuRqNlgsvEgzw2IvkaZFOVDbPcLgybUyb5cS42lgmu81mMlzYhpOFxTMyDiZiieZkkU5kl33H45wsh5PhYGRZLWa2kcewWy03i8ViNJtYRi7fvrOxLBeb5WytG0xGbtHG5lkrPJOZWzXczBaD1Wow223WotfHdHGuRqPlwt-YDXfLyXA2mOwbs-FuORnOBpN9h87wXX3ORs_lYO7IvOHS2We0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5orhYpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgF3NiNxuaXxSW8Uae8xgHna_32tlABCC2cw2-4wg1mq1rAEAAAhgAwAACOCmG28CVKG4_____3EAAABk5NADAAAQ3wcE9MSFUi_8yK8gFovBaP8AVIi1Wq1uN9ZqtQA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=esv_vB!lvlstst-in2_vB!lvlstst-in2_vB!lvlstst1_vB!nonrv_vA!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1&panid=202e06318a2544c6c1d73352adfda9fb927a690e944469bca1fcd681882cf7de
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3ca78bd0d073b822d4968dfbc211a029aec31edb2e6994e81326d28f1db4528b

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 05:03:34 GMT
content-encoding: gzip
server: nginx
machineid: 1404
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p3.isanook.com
URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola&gdpr=0&gdpr_consent=

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=42506BB5-4699-4248-8DC1-E5C15A48A7E9

Domain: avd.innity.com
URL: https://avd.innity.com/dc/?cl=0&cuid=e58b9e164f0e147e18d71101e94a85bd&cb=1687928604896&douid=&sess=1714085.0.1687928604891&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&srf=&pk=&pt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200

Domain: ih.adscale.de
URL: https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=42&3pid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&us_privacy=&gdpr=0&gdpr_consent=

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=3c291396-702d-4cf3-a32f-583610550673-tuctb95449a&gdpr=0&gdpr_consent=

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEM3Ez90Za2m_c4Nqga2zAnI&google_cver=1&google_push=ATf1kGPIf4LrngDDw-EQUvpi5-nOYagSZ0jl0kBxLyMUktZF73IG_pjq2tf5_fu4QIuNADUmBLGuTRS6oFWAGd1aEhkTZ_-8P1I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPIf4LrngDDw-EQUvpi5-nOYagSZ0jl0kBxLyMUktZF73IG_pjq2tf5_fu4QIuNADUmBLGuTRS6oFWAGd1aEhkTZ_-8P1I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: fksnk.com
URL: https://fksnk.com/cs/google?google_gid=CAESEBpUXg4FNIytbmY3P-Q4wtk&google_cver=1&google_push=ATf1kGMDVOJ2to_Q7nqS9DQKKbD7G5G1KR8jFsZ5Rtqma2rGHP-jZ6nwEkKjxq7XAvJtf4VYO-QeHK15mOh8AxlhVueT6o_UGCw

Domain: fksnk.com
URL: https://fksnk.com/cs/google?google_gid=CAESEBpUXg4FNIytbmY3P-Q4wtk&google_cver=1&google_push=ATf1kGMw6bpTmIRx6_xFeuAmZrVzLIP3VOaDmln_vkNpKn4qBwHOvYyo7denl3ycJRfBUkUsz5QZ3i4sldd2IvCM-JKlMIPKHrI1

Domain: a.c.appier.net
URL: https://a.c.appier.net/gcm?google_gid=CAESEAnNPRTdYdWdFW8MMjCeets&google_cver=1&google_push=ATf1kGPStr9bkvicFOd3iBJ1t5oFuapeaosqSmojkM5z5-aA8tZrAZGLuFWNXxnyzYpuaD9kiHPPy3Yqpfymdap6WzWSAB50YhWH

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEM3Ez90Za2m_c4Nqga2zAnI&google_cver=1&google_push=ATf1kGNxckeuBLyxvCVJu5nnndoU1koTRnYFO6PVCXSB9O_CQYgMeVF4c9-BtD_-Q10ZJ7JCXhkXurolcTqS8s8UheRFk4csVUk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNxckeuBLyxvCVJu5nnndoU1koTRnYFO6PVCXSB9O_CQYgMeVF4c9-BtD_-Q10ZJ7JCXhkXurolcTqS8s8UheRFk4csVUk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCNy5yymyiUc3Ua1d68B52jzAn_g8iFbauZbR5IPV0H2JWO-Ib5MBeHqMZr6zB2NyK2aemOa0OFh0tXQlnG33uKX_P34KPT38fbGrWyrGpJGYxIRXz&sig=Cg0ArKJSzJxuTjVAwKqLEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230626&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1396602897&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1687928604034&rpt=1024&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsva6wLrCVq_rIYfozIOmG5vCGTbJcepeoetqVg1epbAv4FkqSt0dlcfIKPTmlC46sLNuYy9F84LjXKwHrv95erMF7VNyAzqayRsrn_GZnON9P2g_FTq&sig=Cg0ArKJSzK8mfWBbyUqsEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230626&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=178697795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1687928605562&rpt=686&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: rtbdemand.apiip.net
URL: https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Verdicts & Comments Add Verdict or Comment

805 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

153 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sanook.com/women/220941	1969-12-31 23:59:59	Name: verify Value: test
.taboola.com/sanook/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_cc9298280d251f6dc0759311146b2de7_3c291396-702d-4cf3-a32f-583610550673-tuctb95449a_1687928602_1687928602_CNawjgYQgeA9GL78iYOQMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB
.sanook.com/	1970-01-20 15:01:44	Name: _gcl_au Value: 1.1.710439222.1687928599
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose45879 Value: 1
.sanook.com/	1970-01-20 21:37:44	Name: _uid45879 Value: C1C5C918.1
.sanook.com/	1970-01-20 12:52:09	Name: _ctout45879 Value: 1
.sanook.com/	1970-01-20 15:01:44	Name: _fbp Value: fb.1.1687928599267.2034102562
.doubleclick.net/	1970-01-20 22:28:08	Name: IDE Value: AHWqTUmDCooWe0Ouyn0s3Sj2_anYQzJFUXRs-1RABVVf66w7GewG4Kw-KmYHk6jz
.sanook.com/	1970-01-20 21:37:44	Name: sa_optout Value: 2
.sanook.com/	1970-01-20 21:37:44	Name: dc_optout Value: 2
.sanook.com/	1970-01-20 21:37:44	Name: ads_optout Value: 2
.sanook.com/	1970-01-20 12:53:35	Name: _gid Value: GA1.2.1412767983.1687928600
.sanook.com/	1970-01-20 12:52:08	Name: _gat_UA-8147095-6 Value: 1
www.sanook.com/	1970-01-20 13:35:20	Name: _pbjs_userid_consent_data Value: 3524755945110770
.criteo.com/	1970-01-20 22:13:44	Name: uid Value: 68e2a8ac-8599-4772-855c-0e91b71cefbb
.izooto.com/	1970-01-20 22:28:08	Name: IZCID Value: 6e97a442-fbd0-460f-8c26-37d52d010959
.sanook.com/	1970-01-20 22:28:08	Name: _sa Value: SA1.2.1064489419.1687928601
.sanook.com/	1970-01-20 22:13:44	Name: cto_bundle Value: OqbI9F9nd0QweDhGOFQzeW9kSm9CN2xHcjdya0U5ZUVYRW93REZ5d25oQmc2enlaV2pTY2VUVkhkcG5DNmxPUEJYNWFkb3BXSkklMkZVS0lhMVZqaHVGRnJmQTB2R3p1bjlWMjJJQXdqN0J5TCUyQkVqVXVQS2l5clNpZ1IlMkZJYUNGV1h6YnRnbnRJNyUyRnlvbXRqM3hMQlBFZ3k5dUVmdyUzRCUzRA
.scorecardresearch.com/	1970-01-20 22:28:08	Name: UID Value: 1F3fb2cc319303e9fd4a2441687928601
.www.sanook.com/	1970-01-20 12:53:35	Name: freq.5f73e63e47e7040e00000000 Value: 1
.taboola.com/	1970-01-20 21:37:44	Name: t_gid Value: 3c291396-702d-4cf3-a32f-583610550673-tuctb95449a
www.sanook.com/	1970-01-20 21:37:44	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D3c291396-702d-4cf3-a32f-583610550673-tuctb95449a
.sanook.com/	1970-01-20 22:28:08	Name: _ga Value: GA1.1.1184271674.1687928600
.sanook.com/	1970-01-20 22:28:08	Name: _ga_M0RYDTKBFK Value: GS1.1.1687928600.1.1.1687928603.57.0.0
.sanook.com/	1970-01-20 12:52:10	Name: innity.dmp.225.sess Value: 1.1687928603980.1687928603980.1687928603980
.sanook.com/	1970-01-20 12:52:10	Name: innity.dmp.225.sess.id Value: 76488593.225.1687928603980
.sanook.com/	1970-01-20 12:53:35	Name: innity.dmp.cks.innity Value: 1
.teads.tv/	1970-01-20 21:36:18	Name: tt_viewer Value: e15c0ee7-6580-4399-9f7f-e3640bef02e4
.sanook.com/	1970-01-20 22:13:44	Name: __gads Value: ID=f3ec93754cb0ebb8:T=1687928603:RT=1687928603:S=ALNI_MZQaDx_gU9Ge1UdkydbXkTUYiHTjQ
.sanook.com/	1970-01-20 22:13:44	Name: __gpi Value: UID=00000c34a6f6ee85:T=1687928603:RT=1687928603:S=ALNI_MYOVWWmUs-bV0dtkpGRqhJTSMB8Ew
.sanook.com/	1970-01-20 12:52:08	Name: lotame_domain_check Value: sanook.com
.pubmatic.com/	1970-01-20 21:37:44	Name: KADUSERCOOKIE Value: 42506BB5-4699-4248-8DC1-E5C15A48A7E9
.innity.com/	1970-01-20 22:28:08	Name: iUUID Value: e58b9e164f0e147e18d71101e94a85bd
.openx.net/	1970-01-20 21:37:44	Name: i Value: ff89f70d-8a06-4cda-bfae-1fd6dfa659a4\|1687928604
.sanook.com/	1970-01-20 22:28:08	Name: iUUID Value: e58b9e164f0e147e18d71101e94a85bd
.sanook.com/	1970-01-20 12:52:10	Name: innity.dmp.0.sess Value: 1.1687928604891.1687928604891.1687928604891
.sanook.com/	1970-01-20 12:52:10	Name: innity.dmp.0.sess.id Value: 1714085.0.1687928604891
.crwdcntrl.net/	1970-01-20 19:20:56	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 19:20:56	Name: _cc_id Value: 7b6ef12cee5319d15451f11f38c32124
.sanook.com/	1970-01-20 19:20:56	Name: _cc_id Value: 7b6ef12cee5319d15451f11f38c32124
avd.innity.com/	1970-01-20 12:53:35	Name: geo Value: AS%3BGeorgia%3BGE%3B%3B%3B
.adsrvr.org/	1970-01-20 21:39:11	Name: TDID Value: afa44a28-be32-4884-b7e2-2e84609cee3b
.yahoo.com/	1970-01-20 21:38:06	Name: A3 Value: d=AQABBB2_m2QCECu-3T75CC9tSLrPDBI8AB8FEgEBAQEQnWSlZEfWPzIB_eMAAA&S=AQAAAvnlh_PL9ou60jwxFh4Gg08
.simpli.fi/	1970-01-20 21:39:11	Name: suid Value: 7E612F18E5434AC5AE4AC517E1E74AFD
.mathtag.com/	1970-01-20 22:18:03	Name: uuid Value: 75ea649b-bf1d-4100-8616-1c08765efb1e
.bidswitch.net/	1970-01-20 21:37:44	Name: c Value: 1687928605
.bidswitch.net/	1970-01-20 21:37:44	Name: tuuid_lu Value: 1687928605
.bidswitch.net/	1970-01-20 21:37:44	Name: tuuid Value: da905178-8959-4a60-8e7c-b68c63e97565
.quantserve.com/	1970-01-20 22:22:23	Name: mc Value: 649bbf1d-5e172-ca946-06d7d
.adnxs.com/	1970-01-20 15:01:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVRhj]iM!]tbPl1M>e)ZlrFUfJ+tGXxpC<_#vc?oomSL!8E_c1]U6Ew+]mX^XC7s!>4P3If)y3KL9D3I?+jdE@AX
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_27 Value: 16735-uid:75ea649b-bf1d-4100-8616-1c08765efb1e&KRTB&16736-uid:75ea649b-bf1d-4100-8616-1c08765efb1e&KRTB&23019-uid:75ea649b-bf1d-4100-8616-1c08765efb1e&KRTB&23114-uid:75ea649b-bf1d-4100-8616-1c08765efb1e
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_377 Value: 6810-afa44a28-be32-4884-b7e2-2e84609cee3b&KRTB&22918-afa44a28-be32-4884-b7e2-2e84609cee3b&KRTB&22926-afa44a28-be32-4884-b7e2-2e84609cee3b&KRTB&23031-afa44a28-be32-4884-b7e2-2e84609cee3b
.adnxs.com/	1970-01-20 15:01:44	Name: uuid2 Value: 5765200872278922785
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_57 Value: 22776-164765543742477328&KRTB&23339-164765543742477328
www.sanook.com/	1970-01-20 12:52:12	Name: _lr_retry_request Value: true
www.sanook.com/	1970-01-20 13:35:20	Name: _lr_env_src_ats Value: false
.amazon-adsystem.com/	1970-01-20 17:21:25	Name: ad-id Value: A8jrA7Macke9tLHB2h1guOM
.amazon-adsystem.com/	1970-01-20 22:28:08	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_80 Value: 22987-CAESEPPeSxlv60YU1Rnr-T4FKlY&KRTB&16514-CAESEPPeSxlv60YU1Rnr-T4FKlY&KRTB&23025-CAESEPPeSxlv60YU1Rnr-T4FKlY&KRTB&23386-CAESEPPeSxlv60YU1Rnr-T4FKlY
.dotomi.com/	1970-01-20 12:52:08	Name: DotomiTest Value: 706ecc9f3c241f5f
.crwdcntrl.net/	1970-01-20 19:20:56	Name: _cc_cc Value: "ACZ4XmNQME8yS00zNEpOTTU1NrRMMTQ1MTVMMzRMM7ZINjYyNDJhAIKU2ftlQTQUAABQbApU"
.crwdcntrl.net/	1970-01-20 19:20:56	Name: _cc_aud Value: "ABR4XmNgYGBImb1fFkhBAQAXnAHc"
.turn.com/	1970-01-20 17:11:20	Name: uid Value: 8328107424253339475
.sanook.com/	1970-01-20 12:53:35	Name: panoramaId_expiry Value: 1688015005881
.sanook.com/	1970-01-20 12:53:35	Name: panoramaId Value: 202e06318a2544c6c1d73352adfda9fb927a690e944469bca1fcd681882cf7de
www.sanook.com/	1970-01-20 14:18:32	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%22afa44a28-be32-4884-b7e2-2e84609cee3b%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-05-28T05%3A03%3A25%22%7D
.contextweb.com/	1970-01-20 21:30:32	Name: V Value: xqNLBIFE9zQJ
.contextweb.com/	1970-01-20 21:37:44	Name: pb_rtb_ev Value: 3-1leo\|5Ql.0.3c291396-702d-4cf3-a32f-583610550673-tuctb95449a
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 80840b26cbace4c5
.rubiconproject.com/	1970-01-20 21:37:44	Name: khaos Value: LJF93ZXG-28-F2IS
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_22 Value: 14911-8328107424253339475&KRTB&23150-8328107424253339475
.casalemedia.com/	1970-01-20 15:01:44	Name: CMPS Value: 5258
.casalemedia.com/	1970-01-20 15:01:44	Name: CMPRO Value: 5258
.adfarm1.adition.com/	1970-01-20 15:01:44	Name: UserID1 Value: 7249598160764663957
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_32 Value: 11175-AAALVYbJouvsjQNZUo4gAAAAAAA&KRTB&22713-AAALVYbJouvsjQNZUo4gAAAAAAA&KRTB&22715-AAALVYbJouvsjQNZUo4gAAAAAAA
.analytics.yahoo.com/	1970-01-20 21:37:44	Name: IDSYNC Value: "19cx~2cgt:18yx~2cgt"
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_1101 Value: 23040-7249598160764663957&KRTB&23369-7249598160764663957
.casalemedia.com/	1970-01-20 21:37:44	Name: CMID Value: ZJu-HshRkwND67zR.rCKowAA
.bidswitch.net/	1970-01-20 12:52:08	Name: google_push Value: ATf1kGOfKqNMDcIRtJLbywd3Ch3Vo9myUv4CEdDMqmNt46O7I9dEr2XEOLCP_mZFWHgcAF75rcNZUZDh98Ip-C2ToBIYzVIxXHi8
.mfadsrvr.com/	1970-01-20 22:28:08	Name: c Value: 1687928606
.socdm.com/	1970-01-20 22:28:08	Name: SOC Value: ZJu-HsCo8YQAAMZjauQAAAAA
.smartadserver.com/	1970-01-20 22:22:22	Name: pid Value: 2898547212336197530
.rqtrk.eu/	1970-01-20 13:02:13	Name: browser_id Value: 1:120cad5c-7dd8-4c46-9b25-99e63f35c0aa
.mfadsrvr.com/	1970-01-20 22:28:08	Name: tuuid Value: 54fe82f7-829a-48e9-86d9-b0203c7762b3
.3lift.com/	1970-01-20 15:01:44	Name: tluid Value: 236773949091720446495
.zemanta.com/	1970-01-20 21:37:44	Name: zuid Value: 3y9_B3aMc4iavrkno_c7
.lijit.com/	1970-01-20 21:37:44	Name: ljt_reader Value: G47vKGZHoca7oem-QF2XJZ-F
.mfadsrvr.com/	1970-01-20 22:28:08	Name: tuuid_lu Value: 1687928608
.mfadsrvr.com/	1970-01-20 22:28:08	Name: ssh Value: !bidswitch,1687928608!taboola,1687928607
.pubmatic.com/	1970-01-20 15:01:44	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 12:53:35	Name: pi Value: 155976:4
.pubmatic.com/	1970-01-20 15:01:44	Name: DPSync3 Value: 1689120000%3A235_227_226_219_197_201_245_241
.pubmatic.com/	1970-01-20 15:01:44	Name: SyncRTB3 Value: 1689120000%3A21_3_71_161_54_233_243_204_166_46_13_220_55_165_234_99_56_81_254_7_251_8_22_214_249_238_176_88%7C1693094400%3A69%7C1689206400%3A35%7C1688515200%3A2_223_15%7C1690502400%3A203%7C1688774400%3A63
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_466 Value: 16530-da905178-8959-4a60-8e7c-b68c63e97565
sync.srv.stackadapt.com/	1970-01-20 21:37:44	Name: sa-user-id Value: s%3A0-2edcbf8b-8ffe-5139-7aa0-fe24e1a4a5b8.LJWidy%2F4oBUHoO7742tQgwOmqUlHag2fn8youruExsc
sync.srv.stackadapt.com/	1970-01-20 21:37:44	Name: sa-user-id-v2 Value: s%3ALty_i4_-UTl6oP4k4aSluFvvzrU.BlixNVzaZgjf42NWOHSl0CL8Lo%2FD6uwwp3AcBzXo0uo
.srv.stackadapt.com/	1970-01-20 21:37:44	Name: sa-user-id-v2 Value: s%3ALty_i4_-UTl6oP4k4aSluFvvzrU.BlixNVzaZgjf42NWOHSl0CL8Lo%2FD6uwwp3AcBzXo0uo
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_860 Value: 16335-Lty_i4_-UTl6oP4k4aSluFvvzrU&KRTB&23334-Lty_i4_-UTl6oP4k4aSluFvvzrU&KRTB&23417-Lty_i4_-UTl6oP4k4aSluFvvzrU&KRTB&23426-Lty_i4_-UTl6oP4k4aSluFvvzrU
.sanook.com/	1970-01-20 21:37:44	Name: FCNEC Value: %5B%5B%22AKsRol9LGmeAUiTWbeNddhxKi4jxT0skcyuRb6JAuBqDpc34uLlVxOD53BU-kR1-fIa2_iBqNsAv_RQZMBlU21zGrLYgGdXrD-FrhyUYlIElB_gE8j4hEoxe9KJAAaAoXXatsTt5NfDkLsvpbiOxlJ9HzFS1jN1Ibw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.everesttech.net/	1970-01-20 21:37:44	Name: everest_g_v2 Value: g_surferid~ZJu-IQAAAOpvzgAz
.id5-sync.com/	1970-01-20 15:01:44	Name: id5 Value: 838ae0dc-5509-7492-917e-a8ed048cdbfa#1687928609477#2
.id5-sync.com/	1970-01-20 15:01:44	Name: 3pi Value:
.id5-sync.com/	1970-01-20 12:52:08	Name: cf Value:
.id5-sync.com/	1970-01-20 12:52:08	Name: cip Value:
.id5-sync.com/	1970-01-20 12:52:08	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:52:08	Name: car Value:
.id5-sync.com/	1970-01-20 12:52:08	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:52:08	Name: callback Value:
.360yield.com/	1970-01-20 15:01:44	Name: tuuid Value: d21693a0-da34-4cd9-818c-9d03d96d287e
.360yield.com/	1970-01-20 15:01:44	Name: tuuid_lu Value: 1687928610
.travelaudience.com/	1970-01-20 22:22:23	Name: _tracker Value: %7B%22UUID%22%3A%22521AB6E9-D115-4509-901D-86956A0E9765%22%7D
.zeotap.com/	1970-01-20 21:37:44	Name: zc Value: c52fb549-65d1-45c5-7fa5-4f344063ed70
.csync.loopme.me/	1970-01-20 15:04:37	Name: viewer_token Value: 2a8ee7f5-ea8f-4d69-a9c4-eefc8c33135b
.gammaplatform.com/	1970-01-20 12:53:35	Name: _aGeoIp Value: JP\|Nagoya
.ctnsnet.com/	1970-01-20 21:37:44	Name: cid_970918ea361a4996a6509077769e1e5a Value: 1
.ctnsnet.com/	1970-01-20 21:37:44	Name: cid_109b3407a06147cead9bc6b17c791572 Value: 1
.ctnsnet.com/	1970-01-20 21:37:44	Name: cid_1134c78fcf914b69916bac76747e26c2 Value: 1
.pubmatic.com/	1970-01-20 13:35:20	Name: SPugT Value: 1687928610
.adx.opera.com/	1970-01-20 21:37:44	Name: UID Value: OPU6dcd90ffc3e742708781cae44c4e89f7
.rubiconproject.com/	1970-01-20 21:37:44	Name: audit Value: 1\|qrLNCc6NN0VI0fio2fosyxMCxLWgh5bGCBm2XTKmclPtQKxMlrvSDhmbthHsXpyvjidWxQJMGa4kEa5N2k7U1SEEFoCDRlfYBn0LdTvpHNwhd3BJ9Iks+KfGnvA7ZeXhX1vKT1ONdRY=
.onaudience.com/	1970-01-20 12:53:35	Name: done_redirects219 Value: 1
.onaudience.com/	1970-01-20 12:53:35	Name: done_redirects104 Value: 1
.1rx.io/	1970-01-20 21:37:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003%22%2C%22nxtrdr%22%3Afalse%7D
.zeotap.com/	1970-01-20 12:53:35	Name: zsc Value: %1D%CC+%BC8%89P%05%27%7FLO%A9%FB%5B%02%D6%3F%EDW5m%C60%FD%0B%0F%97%94F%A6%9F%FA%9F%09%C59T%22o%A6%BB%0F%C9%13Y%89%9E%B9%02%7C%10jP%DB%A9%3B%A7%D9%E9uly%B8%C0H%BE%B9%D1%F0_%1C%C8h%F9%03%19%3F%81%F1%22%AC%81
.onaudience.com/	1970-01-20 12:53:35	Name: done_redirects200 Value: 1
.linkedin.com/	1970-01-20 21:37:44	Name: bcookie Value: "v=2&04890367-6dea-45fc-8905-19d7c0363b75"
.linkedin.com/	1970-01-20 12:53:35	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3156:u=1:x=1:i=1687928611:t=1688015011:v=2:sig=AQF2x3vXfWAAmN0xtgDdlqOXMUjltwCt"
.gammaplatform.com/	1970-01-20 22:28:08	Name: _aUID Value: 6jn4bzc6a1r8
.onaudience.com/	1970-01-20 12:53:35	Name: done_redirects147 Value: 1
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_1310 Value: 23431-6jn4bzc6a1r8&KRTB&23446-6jn4bzc6a1r8&KRTB&23465-6jn4bzc6a1r8
.adsby.bidtheatre.com/	1970-01-20 13:02:13	Name: __kuid Value: 945e7e9f-6780-4798-a233-349853bec454.457142612
.pubmatic.com/	1970-01-20 15:01:44	Name: KRTBCOOKIE_1305 Value: 23408-42506BB5-4699-4248-8DC1-E5C15A48A7E9&KRTB&23413-42506BB5-4699-4248-8DC1-E5C15A48A7E9&KRTB&23479-42506BB5-4699-4248-8DC1-E5C15A48A7E9
.onaudience.com/	1970-01-20 12:53:35	Name: done_redirects282 Value: 1
.targeting.unrulymedia.com/	1970-01-20 21:37:44	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003%22%7D
.sitescout.com/	1970-01-20 21:37:44	Name: ssi Value: eaf7987f-1ab0-414f-a31f-66e7537a6763#1687928612225
.semasio.net/	1970-01-20 21:37:44	Name: SEUNCY Value: F925DDA3256C8A35
.pubmatic.com/	1970-01-20 15:01:44	Name: KRTBCOOKIE_594 Value: 17105-RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003&KRTB&17107-RX-605987e8-8e92-48ec-9109-eef3cab2fa93-003
.onaudience.com/	1970-01-20 21:37:44	Name: cookie Value: edef1c758b4d3631
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_409 Value: 22966-kODCF8PznTTbMbWahMRRWjSR
.sitescout.com/	1970-01-20 13:35:20	Name: _ssuma Value: eyI0NSI6MTY4NzkyODYxMjQ2MX0
.adform.net/	1970-01-20 13:35:20	Name: C Value: 1
.pubmatic.com/	1970-01-20 15:01:44	Name: KRTBCOOKIE_188 Value: 3189-eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745&KRTB&23418-eaf7987f-1ab0-414f-a31f-66e7537a6763-649bbf24-4745
ads.playground.xyz/	1970-01-20 13:00:50	Name: connect.sid Value: s%3Ad38XbiaYPRGZTtuERZuKjFp4N07YpwYI.2D6HTT%2F1FvUD0Tu%2BIBvzXrv%2FgO5xIBW8WuqZNZqUhm8
.adform.net/	1970-01-20 14:18:32	Name: uid Value: 3077284338825082833
.bluekai.com/	1970-01-20 17:15:39	Name: bku Value: wXT99YudZtHPDYDX
.bluekai.com/	1970-01-20 17:15:39	Name: bkpa Value: KJy9cyeQd02pSUHknpD0BpA8wtkAwECCRtBiRMaCBE/hjVPZ1p/e9JS2YDX=
.openx.net/	1970-01-20 13:13:44	Name: pd Value: v2\|1687928612\|gen0vNiygu
.pubmatic.com/	1970-01-20 13:35:20	Name: KRTBCOOKIE_391 Value: 22924-4494080886801228774&KRTB&23263-4494080886801228774&KRTB&23481-4494080886801228774
.pubmatic.com/	1970-01-20 13:35:20	Name: PugT Value: 1687928612
.quantserve.com/	1970-01-20 15:01:44	Name: sp Value: CgsIknESBgil_u6kBg==
.adsrvr.org/	1970-01-20 21:39:11	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIgMDdoOHn-zsQBRIWCgdydWJpY29uEgsI8r_aueHn-zsQBRgBIAIoAjILCJ6834H45_s7EAU4AVoHeGtzdzlsYWAC
.openx.net/	1970-01-20 13:13:44	Name: univ_id Value: 537072971\|afa44a28-be32-4884-b7e2-2e84609cee3b\|1687928613309807

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
javascript	error	URL: https://www.sanook.com/women/220941/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id5-sync.com/k/264.gif?puid=afa44a28-be32-4884-b7e2-2e84609cee3b&ttl=%%TTL%% Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5594b4fd3b464788e361638398c3f62b.safeframe.googlesyndication.com
7b396d131b51a631f1f56b13a95d7996.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
apiu.sanook.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.adviad.com
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.streamroot.io
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
cs.media.net
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dc.sanook.com
dis.criteo.com
dsp-media.eskimi.com
dsp.adfarm1.adition.com
dsp.adviad.com
dspmedia.eskimi.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
graph.sanook.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
ih.adscale.de
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img-as.fsanook.com
imprammp.taboola.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
lvs2.truehits.in.th
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rtbdemand.apiip.net
s.ad.smaato.net
s.amazon-adsystem.com
s.isanook.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.inmobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.pubmatic.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.ge
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
a.audrte.com
a.c.appier.net
a.tribalfusion.com
api.rlcdn.com
avd.innity.com
ce.lijit.com
core.iprom.net
cr.frontend.weborama.fr
d5p.de17a.com
fksnk.com
ih.adscale.de
match.prod.bidr.io
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
rtb-csync.smartadserver.com
rtbdemand.apiip.net
104.18.216.65
104.21.234.8
104.22.25.87
104.22.53.86
104.75.89.75
108.138.1.25
108.138.36.111
108.138.36.28
108.138.39.216
119.81.216.16
124.146.215.43
13.107.42.14
13.248.245.213
13.32.99.90
134.122.57.34
141.226.224.32
141.226.228.48
141.94.170.77
141.94.171.216
141.94.240.143
141.95.32.72
141.95.98.65
142.250.181.227
142.250.181.238
142.250.184.194
142.250.184.202
142.250.185.106
142.250.185.130
142.250.185.166
142.250.185.168
142.250.185.174
142.250.185.194
142.250.185.234
142.250.186.132
142.250.186.161
142.250.186.162
142.250.186.66
142.250.74.194
15.197.193.217
151.101.1.44
151.101.129.44
151.101.2.49
151.101.65.229
157.240.251.35
157.240.251.9
162.19.138.83
169.150.247.37
172.217.16.130
172.217.16.195
172.217.16.206
173.194.76.155
178.250.1.11
178.250.1.8
178.250.1.9
178.250.7.2
18.158.79.166
184.28.181.176
185.106.33.48
185.29.134.244
185.64.189.112
185.64.189.226
185.64.190.78
185.64.190.80
185.80.39.216
185.86.139.94
195.5.165.20
198.47.127.20
198.47.127.205
2.18.160.221
20.127.253.7
203.151.128.177
203.151.130.56
203.154.58.214
207.120.36.69
208.93.169.131
216.239.32.3
216.239.38.181
23.212.88.20
23.32.184.192
23.37.42.132
23.88.86.2
3.120.73.159
3.71.149.231
34.102.146.192
34.102.163.6
34.102.253.54
34.107.231.31
34.120.107.143
34.247.153.61
34.96.70.87
34.98.64.218
35.186.193.173
35.186.253.211
35.190.0.66
35.190.39.111
35.204.158.49
35.208.249.213
35.214.209.176
35.244.159.8
37.157.6.243
37.252.171.149
43.152.26.154
43.152.44.81
46.228.164.11
46.228.174.117
52.211.103.124
52.213.96.27
52.220.229.2
52.30.150.15
52.46.155.104
54.156.56.88
61.91.93.45
61.91.94.165
63.215.202.137
63.251.14.3
64.74.236.255
67.220.228.203
69.16.175.10
69.173.144.138
69.173.144.139
72.251.241.204
77.243.51.121
8.43.72.97
82.145.213.8
85.114.159.118
91.228.74.159
92.62.130.178
95.101.149.35
98.98.134.243
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1
04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082a175e45ea74470f7bdc24248a3b1e080c60a81bd0aa432f51dc98680b1b38
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
09439d5fce9bc38ceac331e7da5d0a7bc2b88c88b9fe7e6bb12a006254632e60
0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371
0ac2654f733fb50a86eb7d31e0d9c33160779cfa74b584e458448872b95219cf
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8957b41a0f8972ab50ec3c4ff92fff08f2f5dd19f3d4b8166aa6c723e6d82c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0
0c15bfd08232823d9669b87651b41e086f88cdeb6638c952ee8216ef3bc58b0a
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd8fc60dd2b16b2caa3910eb6e7f9f539f749e895ae41c101fa2c3d6d7106d7
0e7180a71dde7d28bbb50ea73c1f2687ac78e876e393870c9b9a3b57f7b95986
0ef96616448b6a5a85f613193f68ad3f98957f5e2dde7fc4cab40d6c2e417238
0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330
10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead
11d2bdb5484bfb6a7cf3372118314b287d5f1cd8f64e942dce92853b4eeef968
12033e73be050321fdc3d2756f9970c1423c57bd877e8c316cb023b67ecd34df
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
13196d718f448e479eb932c6f6f8ec259f79474c272a67628027b1dc5127bd01
14642d9bda67d96a5291f33bb8c703967c8f2ac0214efe41b0c453aaa369cc6e
15fac2fdbb8af0c07f9f4ad320112b4e93508afb4e9d53ea474cf400f20b7734
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1738581c7fbdaf8d87bf740f768fc04a0f3ba908967bb6fd12ece14b9ce38fe4
179499f36d5bea583e01d4b176aaf461aa94be585275eb34fc9a099013e68e60
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19677d061ebecf56a68d8a379c102b114ac5f901cd50873f0d98545e0d6f00ca
1aaffaf23421624f140c74bf5abeb203fab96cf341796cd0d16fbebc2a6ee144
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a
1cc6ea7b5ee7743c78ecc2ce4cfa26dbf557cda7c3964f51a97ca821fe191407
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d2af190c50b253938d0bd45e907ae7981359dc7224bbc020c518d449cadad09
1ea2cc1571eeea94445a1b48b53ab3df57be81ecffdf75728c8b42df8a8df284
1ed6dbf78873f431131c57bceef419d33c140c1c1e20b5235f0015f8cf5192a8
1f45b3cb70dbd5ad242b7d9e086f8b44939740aff0f169067aeb7259e353b490
1fbcc7f3b789fe32c35941497b721bb531abec0f03d77ccdee56119af3f27bdc
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
215f4ef2146f44284e28d5e6334dd7eb736ca0ec7ea148d16d7bf2c45988bdf8
2196ce7f33cc68484877fa94f170765e9a2ed92a55b5dc6e12b4efa5197fa925
21a1f91c8fc410da7a83086287557260103aec19581bdc9b8331243779367451
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
22a191737d58e91e6ea2b8bfbdcded9a8c184ea7b438cebb84f65e107bdab663
23b42d89f560227ed71458d7c74b92caa44de221bb9209c369cec8c75f97f2ce
23c9a8181bf7dd6670130c3ab66b5ed62fb1056657de6b32525304e31af15922
250c5d4f82a35a76df85b2888aeee92bb430fdfafb5722bfdb39610caeb65dc0
28b7a0f74d6167961091562429f20cae466bc8265e2803a22f99200e89f7c93f
2b1b0887304a18419d7cd3f97a53310197a1f8783737b823147a5c891c6e6dcc
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2d7ffcc5150251cee54325976f95f3b844dd7ac7970eee86552ee9382a1a8fa8
2d80e664e546141cb614f2a3c70ed734157998b06c5aa35c7766fbfabea96b08
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3009935cba76944c4d42291b3db5c07f521b3b4e80ffac3295ce76fb57d52d91
3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
350561b966752ef570c416aa9bd649dcc3c7b903fd5ba20c9375c7a713ef0d25
35ca42e2853ea433b5c3a2e4d2f159a54d0b3133d0b54d37f40b85e6d4c51aa9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
383e7de5472fa0805511cb92ecfed5a182c010d7fc2d4c8da059ba0426194d33
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3708ae57e8e85f42e94cd40dc4e8dfd2c6fae3ec52d67b35e19237f450084f
3a6dd89113e4ac5370c05fa1239fa2b3bd7daec9988e214698bb4337d7055e32
3a73e8d0ec72b787592da2c1396e3c077c069387174b97e4dca18a911b1d54eb
3aaf0fa9fd2c6ca4f097f5943e0398408ee52a5d9663cae23b4fdd68e436ef42
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8
3c78f30eae1c546abce28fb3253e8e32612aa206d67c02049b35506691a77ec7
3ca78bd0d073b822d4968dfbc211a029aec31edb2e6994e81326d28f1db4528b
3d65d402bfd2d40e6f69dc563fa6dc454bbbff49c4601c8fd9a9e4179d16d6f1
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed6172c57461534660b5435664ff1a82c954872daf7c3e79edd7ac8d6e78436
3eda6d9d9ce8d34aeae4ef396eee0d3a79569b5527136de05938e3ff2f470093
3f32099b59e873a57587a20c99cfd8d1f5c60081add4d50b9ff6ce25bd3cd0b5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
414ffa2cfb16d4cab6ba693f1dc1d4682a4f2a08e3d9aa8536cf1dcac822eca2
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43ea9ef76731500d6c3463b196d10efe7821051bb44d24b7080919adbe6366f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475158a6db4d9f6acb7ff044c9ab87b433707a49404ca74e9806950bb565e3f
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
49388d71763e0cd0a0c7489561fd837dc39069c6273f049f2f25775b023121b3
49882d4c608390a68db3bc5b2cd2ae75c71b170ff0f2763b57e87686d8bc7992
49df687aafbcd68fee44ebf3a5d015dbc1249dc10a6af49e4b014dbf81c69aca
4a80b29c03942c5e6681b13019cc4d4fe2ea05e12038fda0e030b680ddbfdc1a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb
4c3eda48e1bef3d279a49a60e5c561301b795d120557aaa8505501d81c8bce8d
4d78dbde982addc92e11e80a520cfc7b5fc849346821ca7bd668bccfac21d4d2
4da184569357566a9c9ed2eb6c8e143f4bef95e9ac567d72df5e31ee47d2b351
4df807f913ad793ba717713bb65f51aa8eb93f88d4df87c1a763ef62205be0b4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7d10b03c85f1a4ae2112185a6091efbd2a47974484bb13d571829550a83297
4ffd5f0dfb7b77ede843f2f03f5ca1527ce8d76b70f884ff6dc6861c65652496
50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5254ef619ea505e932d4cd0a9a1e4bb2b9520dfde31099e8427b491b3b9dad87
535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e
53b0e6770451c05ca7eaf824e5768e9a5cfc4a47ed325c6f5919599a9cca3568
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bbfc861e7a701243f51f7e35b254b20ec854f162f6f9d37e68a75f90dfcbc8
57d130a294cfd6ac50429fa86234f0381598113601b34f0a26995a59a475252d
5834100b74df5b33141bade07e3c6cc1de333768ad6dfe8f11504c01523d7e94
5ae21c64bacbf4172043a14a53245ecd4b869070425c24344ef5e4d983b20a33
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482
63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363
641e51f616d000ed9254b3392c53737e2cd5b63f0761051a4f0a15187fb2e2c2
64faf061ed09cea996b42e0975d7b0425b77b4b50967b211bd5cf375508df564
6573600e0b8e8846b336b6bdd25cf29487f066ed5960befe0a17e9a1d74e6081
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
65eef217d443cecde982c7be5248ec37c06e91602cd401712072bd6e89136e7f
661b4395fdf6481afb7d43aab2fb0eb3eee2a2c8efe620a6a8ccccf01bcd90c5
66ee380ca9f00e51527e09a44f0fbbd2a1979f8876d05d88b307b9f4a9e14537
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d
69651768c0ed318d4a7feb3157ba5687433728fff0cb61f4ebd737142bcd8132
696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc543d46cca98aead3005a87979d5dfbad919b8020fa78c1d1952336f967db1
6bf9ce9415eea6f068b8ae700abc9be21de147384e5a62b967cfb630062d6a7e
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
6f2e467708bf33042629c5ea99418aeb1c3026a41851f320d6dd309c26b667ed
6f51d2ba38480066c4deff4b8d84389d977c9e39d852160a3d8c21f5bf70ef58
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
70856a63a96ee2c09aa20e62da18169425647aadc2b96612cace247c7014a461
724e580198448dffa92f0ce0a492872fede68b841786ff45bee69a7114ec15a2
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
736b2c4b73505c1d470f24657e5fad5ac3da245c41a9734ba6241e8a9daa7bef
747f0cfa83704d88a357ae65f66caf40838ee2b939582f2e11a05ad9e678fa9c
7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41
74b02f64bf100884aaa1d74667fed86903494b62ce149e8ac3b29cdb20a24184
75211e639a6f958dbd73ff9d849f26e9dec1f621659360882f76dbb4a50bc503
75a4652125853a945a31d2262da42d0bbc892271ee28a53d4db1a02b2bce05ca
776a28e191f05a078df0df129f85d0365d274ac128afd1342265570deac8aaf8
7836c8ef8022b3852c8abe0e8a3a481d896ac1815b7b33b06feaa61ef7ac4f4f
7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7d66ae2517f0926f3321039a156a684edeb7debc7cc176af39749bc646691443
7f68ee2786c79a1fa01d4a0f41300e20597ae64bb3604fa6441b594ab9ad3353
802e46397eb62312956c4d3774d57e7a6ce4d6327d5bba368b785446aa8135c4
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
856b260e65068aea3b94cdb9e6c2074d9c7a79e9d1dd38b5114dd3a72ea11264
868acca2855c9426e8ee404b075c5748bffdf548464fa4229b46eb7ddbe6130c
86c7f6fa0f971de2762b826418bc12223047820b2d27d34d066c96084079914f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
89548297e461ee363c33f97f4b761cfd9a4cba8d3dd34e915e4b95ee61d77441
8965d65e3e94312945cad97325a2f8fd48b24489ef0c84ca950d68f6b41a7859
8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09
8c4b69c824c4178c36992112852830ad02e2a81511f8073d9e1cecc839ffecb8
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8ec0877d3ebac0139432fad7a7a93c900087db3c391de08c1b0d73d650952eb8
8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2
90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121
9163a6cffabb323a25f6d9ce6806368972f8f17a88ec4ba9e5aa0a92d5fa4fc2
92b90e6df7c880e709cfd70ad4e659609d5a1b898674fb8dd371083f790ba404
93024aa94f49cd25fc69986bf962db245afc6879b3101d3fa2d58bfcb963e78d
93191b26f0c23a09a2fabf5e0d71815caab853f55f7ffd3d9b053d7703fadfec
94094359237b11ed1329f5d99a38f8b64a5690ddbeca1c8d2081c0525ba25155
942b68d6949df5bcfc841a758a03e7b2dd3a4680a079411282fc149496bd1bd0
943cffc6d85a2eecc6f121949a6aa0010ebceeaddc7fff23372c71c87567aee9
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a
97154d299252283a6f591aea0b5984c7db3609792007852d753dd491be860180
97348c353f76a887e0b17194356c30e88de422ceb21c5971c6ab6b13122cc545
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
991b8b544ad11ad8176e3fc1287058425715839ab4c534e61bdc4cd882ea2fee
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a18306fa24c601c0dab093a860e17849370b11ecb4f863eec35f9521f2c5ee0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c3414876f3603f781a46bc8642c58b25d5ebd027f56367f0a1487de285c6e63
9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9e06da0bcecb5c3543ff295850c81e14dc9e0b6e28cccf39dae72e88c2ae1a2d
9ec2c32588fef4f65a2f3fa36dfc2c9142e6c9cbbf26c391e9858e2592c63703
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02c8ac8f495a76ff06168feb71fda144e5bc5389fb70bc0986bc7450e7473c7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a687719cfe27e33b9d4c5dbf769cb12c0981fab940fd8a9e3ca78515e98e8ada
a68a6a1cb0ae423200a62015c7f0b130fc6d67f3d5c00492649f9f16a648024b
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
aada7cafad2a820fa83ff944ac71e869921ddadf753539cf23403e13e922c33a
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
ab935e06ab36047954ec11bfc6677db2c06bf64a0b6ab0b0566004e2ef5bcc6e
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afd19ac6383c3a445ce3e18fdda6aad74f8bd93dd0700f2442ce1de1fce7b21a
afd8f0857ea78c5062357999db000e31d7469b088ff8eb6bdb5f6842d552d9cc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ca470a6724c90a285f54fb02ef9b78ea730ef4fc5f7bad035f10ccf0c43faf
b3f3f379d724f87e5282f75c162017587c0f0bdd6fe267518119c7bd4a72059d
b4b2fa70821bb895efc62481fc0894cd2787949383f7067c69a494b8443d62ff
b67b9241c149408c77ef950995b405fb2254058f55d0b93dafb3a9e765ee4b20
b69375931b746ba3f1efd882ecbc0ed69bda0b4eacfcbdf90c3b36fe0dc68d97
b7605b0250e59534bee9ac378c7b01556496f8abeca4aed73d27747c9f0dbd4e
b79ae3695c2658408d8e846750080aed460c56994fe8cbfcfa0bd1b77e249604
b8bee454b11f0a4a8007466999ae2acb69f484d534a78aba6ea8585c2d9be60a
ba6196c4a159b1b4c99756302bdf508b864a53e962b4c819fd5a8b2daa5f1149
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9be29c53cd9ba53868db438577a847030688be6b5d77ffc309b154fcf58f96
bbb7002392343b953914d18e2a7d8af24b5bf3da6bdaeffad52b10633ac1592f
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
beb5cbf247c248eddca04f11beaac4736b3ba2f3b551357e96a2a9dca4ea1a59
c0905692ca87c28ed7f0c12ad5e300868a6087d813c527529f9df3958838c4b9
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c37abd9dc04c7337013980a8b65c81aa00207cbc8197aa136263684f1ca37233
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c3ef41a7b2711db4fe8004949f24349f5235b029705b22c8a5f9194bd8cef5c1
c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd
c4a27ee312943a0da319a5c3ffc038424873954f22bb5203a41620b2d8c44d18
c5744a04814bc4e9e1769833ce70a9121110dff54a3d5dd49b02596b1a3719ed
c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
cf1b60bfeb6a35c7ecef0f2b781093889727240ccbf677b23255dfc798c1f5b3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1b3f666dc137b2e28d18ce5dc569c442fd005f030b8ee12134d236d8a51b61f
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d27a8af1af6f6d6e1e029e12eccb095a262be96563c9a42f96622593ee5a1a17
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e
d435ab5b315fa05b5ec2875afe20287bbfd930a91185fefc35dba18c1ef2722c
d4e3661d345f8e4fea14950432ef9862ab23bd33441e7c27cb93f8ef8c9534e0
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d78d9c8e1b7a9ac6fd03b9fe14ca5b561f0365ccfe490cfb0e51e996aa4fdf6c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e17cd97b32de1227d3b69099d7d14166d1c8b61e453a8cd134913a803f08b9e3
e1db25900e37106b1acae1f42e2dba3fa34e76cdd3e33824b38c658ac8268227
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4780cf7bd83405e6b410c77b2f65a827705c3ae367744211867d5c2fbe24612
e53d8bed4c59c8998739795602f58569641716f1cea236777964c1771e0b2b02
e57411e4f4b90c5f7fde3904f8a10035a1057945eb0235b99d682a1acd3d0932
e6c49e667ef73a512d1b579ca675dae131aed4b0541873902abf76840000e9de
e91c5185cda7255c5e6d6b6a623e0a84ca59a48f335a237ebcb8dbac59994e18
ed12cf700eadbdceab2058404396037584477fafd3bbbfd84d9ce2a6f3461e2a
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
ed53ed7e8cca61c3ec4d4cf06ff4d87a8d6ad73479289a9dae93b16c5add4208
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f022d004b222efee610e30fd68b5be41fe393cfe9212ad27612762bf08e6938e
f1c8ce41ae8b88605c4c5fb570282b57d3033d090e073ec9f5809cfcdee32f22
f1e3d93c70524fde72b4aa58a5581719ed2953f8fc64ec5a103bea40fc11fee5
f3d9ef2604c7f5133d7096b134f0c873884577caf93cf6bc16833050afea301d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5beabe9074c8bc9408a13f51a663db1b47fe309d05c74cc32f960b7e353ddb6
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7fa57c0d35ae39ac4987d2e8c46206616245c2dd1f8f75e848bc58c235e12ce
fb0b7f80bdd77b5081047d7bccf6f1d6b484b111db13f6d6ebfa19885613a626
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbfe6b54acb44141865f8871f390e45e3be5738aeb77bfdff8173fba39fd385c
fc4f0ffd15bb00264d4682dff1d2fa701fe1ab85db6f77dc5a7706d346f22cae
fec1885fb0d6f6e49a8e02f66262fc9b7ce3b52a54d24c4574a6ce90d4cb4879
ff542034c21d041c9a0c20aaa35e02a9271fb89d475cfe6ce51c4216a51c2133

www.sanook.com Open in urlscan Pro 203.151.130.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

673 Requests

82 %HTTPS

0 %IPv6

102 Domains

169 Subdomains

100 IPs

16 Countries

10852 kBTransfer

30024 kBSize

153 Cookies

29 Outgoing links

Page URL History

Redirected requests

673 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sanook.com Open in urlscan Pro
203.151.130.56 Public Scan

Screenshot
Live screenshot

Full Image

673
Requests

82 %
HTTPS

0 %
IPv6

102
Domains

169
Subdomains

100
IPs

16
Countries

10852 kB
Transfer

30024 kB
Size

153
Cookies

673 HTTP transactions
7 data transactions