www.sanook.com Open in urlscan Pro
203.151.128.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.sanook.com/home/25321/
Effective URL:
https://www.sanook.com/women/220941/
Submission: On June 26 via manual (June 26th 2023, 3:56:03 am UTC) from TH — Scanned from GE

Summary HTTP 694 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 107 IPs in 18 countries across 107 domains to perform 694 HTTP transactions. The main IP is 203.151.128.172, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 66273.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.

This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	203.151.128.172 203.151.128.172	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
119	43.152.29.12 43.152.29.12	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
5	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	43.152.29.11 43.152.29.11	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
4	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
2	203.154.58.214 203.154.58.214	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
6	203.151.133.6 203.151.133.6	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
8	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 5	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
6	2.22.155.137 2.22.155.137	16625 (AKAMAI-AS) (AKAMAI-AS)
5	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
10	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2 11	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
6	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
4	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
30	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	203.151.130.72 203.151.130.72	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
5	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.217.65 104.18.217.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
2	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
4	119.81.216.16 119.81.216.16	36351 (SOFTLAYER) (SOFTLAYER)
27	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 27	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
8	178.250.7.10 178.250.7.10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
3	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
53	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
18	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.36.27 108.138.36.27	16509 (AMAZON-02) (AMAZON-02)
1	18.66.190.226 18.66.190.226	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
3 8	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
17	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
2	43.152.29.14 43.152.29.14	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13 14	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 4	3.251.46.15 3.251.46.15	16509 (AMAZON-02) (AMAZON-02)
11 13	18.197.205.97 18.197.205.97	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.239.72 35.210.239.72	15169 (GOOGLE) (GOOGLE)
2	130.211.27.62 130.211.27.62	15169 (GOOGLE) (GOOGLE)
25	138.199.36.11 138.199.36.11	60068 (CDN77 ^_^) (CDN77 ^_^)
9	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9 13	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	54.229.146.125 54.229.146.125	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
15 39	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
4 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3 3	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
26	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 14	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	67.220.228.200 67.220.228.200	16509 (AMAZON-02) (AMAZON-02)
7 8	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
11 11	54.217.171.212 54.217.171.212	16509 (AMAZON-02) (AMAZON-02)
2 3	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
2 3	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
3 3	54.173.30.48 54.173.30.48	14618 (AMAZON-AES) (AMAZON-AES)
8 9	54.155.201.15 54.155.201.15	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.84.97.211 54.84.97.211	14618 (AMAZON-AES) (AMAZON-AES)
7 10	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
3 4	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	64.158.223.137 64.158.223.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
5 5	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
4 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	99.81.116.28 99.81.116.28	16509 (AMAZON-02) (AMAZON-02)
4 4	3.123.57.37 3.123.57.37	16509 (AMAZON-02) (AMAZON-02)
1 13	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	61.91.93.45 61.91.93.45	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
1	207.120.34.9 207.120.34.9	3356 (LEVEL3) (LEVEL3)
2	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
4 4	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
6 6	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 3	213.180.193.90 213.180.193.90	13238 (YANDEX) (YANDEX)
1 1	99.86.4.21 99.86.4.21	16509 (AMAZON-02) (AMAZON-02)
2	52.193.179.39 52.193.179.39	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.85.133 35.156.85.133	16509 (AMAZON-02) (AMAZON-02)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	141.95.32.69 141.95.32.69	16276 (OVH) (OVH)
2	35.186.201.99 35.186.201.99	15169 (GOOGLE) (GOOGLE)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
3 6	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3	72.251.245.179 72.251.245.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 5	35.214.142.213 35.214.142.213	15169 (GOOGLE) (GOOGLE)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
3 3	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 6	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	141.94.242.206 141.94.242.206	16276 (OVH) (OVH)
6 6	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
16 16	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
3	162.55.120.196 162.55.120.196	24940 (HETZNER-AS) (HETZNER-AS)
1 5	172.67.13.182 172.67.13.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
9 10	141.94.171.214 141.94.171.214	16276 (OVH) (OVH)
6 6	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
3 3	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.160.221 2.18.160.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	23.55.161.187 23.55.161.187	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	34.95.81.88 34.95.81.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
694	107

11 203.151.128.172 (Mueang Samut Prakan, Thailand) 1 redirects

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 172.128.151.203.sta.inet.co.th

www.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graph.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiu.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

119 43.152.29.12 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 43.152.29.11 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

p3.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 203.151.133.6 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th

sal.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f206.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.22.155.137 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-155-137.deploy.static.akamaitechnologies.com

avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.132 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.130.72 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 72.130.151.203.sta.inet.co.th

sloth-api.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.217.65 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.81.216.16 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-27.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.190.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-190-226.muc50.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c4d7db2e0658565e84fde56f994de857.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.152.29.14 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

img-as.fsanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 15.197.193.217 (Seattle, United States) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.251.46.15 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-46-15.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.197.205.97 (Frankfurt am Main, Germany) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-205-97.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.239.72 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.27.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.27.211.130.bc.googleusercontent.com

win.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 138.199.36.11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-11.bunnyinfra.net

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 162.19.138.120 (France) 9 redirects

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.146.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-146-125.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 142.250.186.66 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.245 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.191.210 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.228.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.53 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.217.171.212 (Dublin, Ireland) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-171-212.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.152 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.93.169.131 (United States) 2 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.173.30.48 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-30-48.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.155.201.15 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-201-15.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.84.97.211 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-97-211.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.5.84 (Denmark) 7 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.74.118 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.158.223.137 (Amsterdam, Netherlands) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float1.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.164.11 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.116.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-116-28.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.57.37 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-57-37.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.91.93.45 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-45.static.asianet.co.th

dc.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.120.34.9 (United States)

ASN3356 (LEVEL3, US)

cdn.streamroot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.227.64.62 (Amsterdam, Netherlands) 4 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 174.137.133.49 (United States) 6 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.180.193.90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-21.fra6.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.193.179.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-179-39.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.85.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.32.69 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.220.229.2 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.214.142.213 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 213.142.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.163.6 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.24.173 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.242.206 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.94.171.213 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 46.228.174.117 (United Kingdom) 16 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.13.182 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.94.171.214 (France) 9 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 98.98.134.242 (United States) 6 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.253.54 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.21 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-221.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rtbdemand.apiip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.161.187 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-161-187.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.81.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.81.95.34.bc.googleusercontent.com

s-cs.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
135	isanook.com s.isanook.com — Cisco Umbrella Rank: 42566 p3.isanook.com — Cisco Umbrella Rank: 150068 sal.isanook.com — Cisco Umbrella Rank: 125625	2 MB
111	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 949 pm-widget.taboola.com — Cisco Umbrella Rank: 4879 trc.taboola.com — Cisco Umbrella Rank: 650 trc-events.taboola.com — Cisco Umbrella Rank: 1937 vidstat.taboola.com — Cisco Umbrella Rank: 2894 il-trc-events.taboola.com — Cisco Umbrella Rank: 18169 imprammp.taboola.com — Cisco Umbrella Rank: 12368 am-vid-events.taboola.com — Cisco Umbrella Rank: 11638 am-match.taboola.com — Cisco Umbrella Rank: 12411 sync.taboola.com — Cisco Umbrella Rank: 1088 sync-t1.taboola.com — Cisco Umbrella Rank: 1302 wf.taboola.com — Cisco Umbrella Rank: 2926 match.taboola.com — Cisco Umbrella Rank: 5554 pips.taboola.com — Cisco Umbrella Rank: 1621 cds.taboola.com — Cisco Umbrella Rank: 1928 vidstatb.taboola.com — Cisco Umbrella Rank: 5236 am-wf.taboola.com	668 KB
77	pubmatic.com 4 redirects ads.pubmatic.com — Cisco Umbrella Rank: 547 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 564 image6.pubmatic.com — Cisco Umbrella Rank: 822 simage2.pubmatic.com — Cisco Umbrella Rank: 761 image2.pubmatic.com — Cisco Umbrella Rank: 1020 image4.pubmatic.com — Cisco Umbrella Rank: 1216 t.pubmatic.com — Cisco Umbrella Rank: 3581 simage4.pubmatic.com — Cisco Umbrella Rank: 1351	548 KB
73	doubleclick.net 17 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	655 KB
38	eskimi.com win.eskimi.com — Cisco Umbrella Rank: 74339 dsp-media.eskimi.com — Cisco Umbrella Rank: 40379 dsp-trk.eskimi.com — Cisco Umbrella Rank: 36579 dsp-ap.eskimi.com — Cisco Umbrella Rank: 38718	499 KB
38	googlesyndication.com d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 c4d7db2e0658565e84fde56f994de857.safeframe.googlesyndication.com	164 KB
29	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 256 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1940 adservice.google.com — Cisco Umbrella Rank: 107	62 KB
19	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 u.openx.net — Cisco Umbrella Rank: 740 jp-u.openx.net — Cisco Umbrella Rank: 9796 rtb.openx.net Failed google-bidout-d.openx.net — Cisco Umbrella Rank: 1387 eu-u.openx.net — Cisco Umbrella Rank: 2623 us-u.openx.net — Cisco Umbrella Rank: 492	4 KB
16	onaudience.com 15 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 14548 pixel.onaudience.com — Cisco Umbrella Rank: 3499	7 KB
15	id5-sync.com 9 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	67 KB
15	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 407 bidder.criteo.com — Cisco Umbrella Rank: 742 dis.criteo.com — Cisco Umbrella Rank: 601	9 KB
14	adnxs.com 13 redirects ib.adnxs.com — Cisco Umbrella Rank: 249 secure.adnxs.com — Cisco Umbrella Rank: 476	15 KB
14	adsrvr.org 13 redirects match.adsrvr.org — Cisco Umbrella Rank: 375	7 KB
13	bidswitch.net 11 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	4 KB
13	sanook.com 1 redirects www.sanook.com — Cisco Umbrella Rank: 66273 graph.sanook.com — Cisco Umbrella Rank: 153906 sloth-api.sanook.com — Cisco Umbrella Rank: 190292 dc.sanook.com — Cisco Umbrella Rank: 132917 apiu.sanook.com — Cisco Umbrella Rank: 166600	64 KB
12	1rx.io 12 redirects sync.1rx.io — Cisco Umbrella Rank: 618	6 KB
12	crwdcntrl.net 8 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952 sync.crwdcntrl.net — Cisco Umbrella Rank: 948 id.crwdcntrl.net — Cisco Umbrella Rank: 3334	16 KB
11	bidr.io 11 redirects match.prod.bidr.io — Cisco Umbrella Rank: 602	6 KB
10	adform.net 7 redirects dmp.adform.net — Cisco Umbrella Rank: 3522 c1.adform.net — Cisco Umbrella Rank: 635	6 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	500 KB
8	yahoo.com 7 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468 ups.analytics.yahoo.com — Cisco Umbrella Rank: 340	3 KB
6	sitescout.com 6 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	3 KB
6	semasio.net 3 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1332	4 KB
6	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	2 KB
6	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	2 KB
6	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381 token.rubiconproject.com — Cisco Umbrella Rank: 656	4 KB
6	google.ge www.google.ge — Cisco Umbrella Rank: 15313	864 B
6	innity.net avd.innity.net — Cisco Umbrella Rank: 42938	27 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	317 KB
5	zeotap.com 1 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 3222 spl.zeotap.com — Cisco Umbrella Rank: 3488	1 KB
5	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 1024	867 B
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	4 KB
5	turn.com 5 redirects ad.turn.com — Cisco Umbrella Rank: 1039	2 KB
5	smartadserver.com 3 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615 ssbsync.smartadserver.com — Cisco Umbrella Rank: 867	2 KB
5	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032 c.amazon-adsystem.com — Cisco Umbrella Rank: 357	63 KB
5	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 495 ajax.googleapis.com — Cisco Umbrella Rank: 422	724 KB
5	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1495 sync.teads.tv — Cisco Umbrella Rank: 1404	2 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	18 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 160	6 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	96 KB
4	unrulymedia.com 4 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	2 KB
4	e-volution.ai 4 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 12226	2 KB
4	bidtheatre.com 4 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2846	2 KB
4	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 421	2 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1160	3 KB
4	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 976	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2906	3 KB
4	innity.com avd.innity.com — Cisco Umbrella Rank: 30168	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	42 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	312 KB
3	playground.xyz 3 redirects ads.playground.xyz — Cisco Umbrella Rank: 4922	890 B
3	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 8501
3	erne.co 3 redirects green.erne.co — Cisco Umbrella Rank: 19647	1 KB
3	mrtnsvr.com 3 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3053	396 B
3	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 6665	780 B
3	gammaplatform.com 3 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3540	2 KB
3	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1615	661 B
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5036	1 KB
3	stackadapt.com 3 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 792	3 KB
3	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 648	3 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 566	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	303 KB
2	rakuten.com s-cs.rmp.rakuten.com — Cisco Umbrella Rank: 39571	483 B
2	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 20050	915 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	1 KB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 8176	87 B
2	adkernel.com 2 redirects dsp.adkernel.com — Cisco Umbrella Rank: 9107	974 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1117	802 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 1036	1 KB
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4315	747 B
2	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 3971	1 KB
2	weborama.fr 1 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 26118	500 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	315 B
2	metadsp.co.uk 2 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5539	912 B
2	fsanook.com img-as.fsanook.com — Cisco Umbrella Rank: 226314	550 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 659	134 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 172	4 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1129	97 KB
2	truehits.in.th lvs2.truehits.in.th — Cisco Umbrella Rank: 108501	9 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 330	555 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 511	9 KB
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 617	605 B
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 25582	4 KB
1	apiip.net rtbdemand.apiip.net — Cisco Umbrella Rank: 47381	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	30 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 589	430 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 7132	282 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3612	353 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 805	674 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1089	874 B
1	streamroot.io cdn.streamroot.io — Cisco Umbrella Rank: 197763	71 KB
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 3272	467 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	524 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 933	795 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	899 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 14293	1 KB
0	onetag-sys.com Failed onetag-sys.com Failed
0	mediago.io Failed trace.mediago.io Failed
0	adscale.de Failed ih.adscale.de Failed
0	socdm.com Failed tg.socdm.com Failed
0	rlcdn.com Failed api.rlcdn.com Failed
0	quantserve.com Failed cms.quantserve.com Failed
0	de17a.com Failed d5p.de17a.com Failed
694	107

	Domain	Requested by
119	s.isanook.com	www.sanook.com s.isanook.com securepubads.g.doubleclick.net
53	il-trc-events.taboola.com	www.sanook.com
37	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net www.sanook.com d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com jp-u.openx.net google-bidout-d.openx.net
27	securepubads.g.doubleclick.net	www.googletagservices.com www.sanook.com securepubads.g.doubleclick.net
26	simage2.pubmatic.com	ads.pubmatic.com www.sanook.com
25	dsp-media.eskimi.com	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com dsp-media.eskimi.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	www.sanook.com d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	sync.taboola.com	2 redirects imprammp.taboola.com am-match.taboola.com www.sanook.com ads.pubmatic.com
14	image2.pubmatic.com	1 redirects ads.pubmatic.com www.sanook.com
14	match.adsrvr.org	13 redirects www.sanook.com
13	id5-sync.com	9 redirects www.sanook.com
13	x.bidswitch.net	11 redirects d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.sanook.com
12	sync.1rx.io	12 redirects
12	cdn.taboola.com	s.isanook.com cdn.taboola.com www.sanook.com
11	match.prod.bidr.io	11 redirects
11	www.google.com	2 redirects www.sanook.com securepubads.g.doubleclick.net d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com tpc.googlesyndication.com
10	pixel.onaudience.com	9 redirects www.sanook.com
10	www.googletagservices.com	s.isanook.com securepubads.g.doubleclick.net d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
10	ads.pubmatic.com	s.isanook.com www.sanook.com ads.pubmatic.com am-match.taboola.com
10	p3.isanook.com	www.sanook.com s.isanook.com p3.isanook.com
9	c1.adform.net	6 redirects ads.pubmatic.com
9	sync.crwdcntrl.net	8 redirects www.sanook.com
9	dsp-trk.eskimi.com	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com
8	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
8	image6.pubmatic.com	3 redirects ads.pubmatic.com
8	bidder.criteo.com	www.sanook.com static.criteo.net
7	eu-u.openx.net	jp-u.openx.net google-bidout-d.openx.net d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com
7	t.pubmatic.com	www.sanook.com
7	hbopenbid.pubmatic.com	www.sanook.com
6	secure.adnxs.com	6 redirects
6	pixel-sync.sitescout.com	6 redirects
6	uipglob.semasio.net	3 redirects www.sanook.com
6	pixel-eu.onaudience.com	6 redirects
6	sync-tm.everesttech.net	3 redirects ads.pubmatic.com
6	us-u.openx.net	jp-u.openx.net google-bidout-d.openx.net
6	trc.taboola.com	www.sanook.com imprammp.taboola.com am-match.taboola.com
6	www.google.ge	www.sanook.com
6	avd.innity.net	p3.isanook.com avd.innity.net www.sanook.com
6	connect.facebook.net	www.sanook.com connect.facebook.net s.isanook.com
6	sal.isanook.com	www.sanook.com
5	csync.loopme.me	3 redirects d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com
5	pixel.rubiconproject.com	3 redirects d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com
5	ad.turn.com	5 redirects
5	gum.criteo.com	static.criteo.net gum.criteo.com cdn.taboola.com www.sanook.com
5	www.facebook.com	www.sanook.com connect.facebook.net
5	sb.scorecardresearch.com	1 redirects p3.isanook.com www.sanook.com
5	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
5	static.criteo.net	www.sanook.com securepubads.g.doubleclick.net
4	apiu.sanook.com	www.sanook.com
4	mwzeom.zeotap.com	www.sanook.com ads.pubmatic.com
4	sync.targeting.unrulymedia.com	4 redirects
4	simage4.pubmatic.com	ads.pubmatic.com
4	rtb2-useast.e-volution.ai	4 redirects
4	match.adsby.bidtheatre.com	4 redirects
4	eb2.3lift.com	3 redirects www.sanook.com
4	rtb.mfadsrvr.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	um.simpli.fi	3 redirects www.sanook.com
4	a.audrte.com	3 redirects www.sanook.com
4	ups.analytics.yahoo.com	4 redirects
4	sync-t1.taboola.com	imprammp.taboola.com www.sanook.com
4	pr-bh.ybp.yahoo.com	3 redirects www.sanook.com
4	imasdk.googleapis.com	securepubads.g.doubleclick.net s.isanook.com imasdk.googleapis.com
4	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	avd.innity.com	avd.innity.net www.sanook.com
4	graph.sanook.com	s.isanook.com
4	www.google-analytics.com	www.googletagmanager.com www.sanook.com
4	www.googletagmanager.com	www.sanook.com www.googletagmanager.com www.googleoptimize.com
3	c.amazon-adsystem.com	www.sanook.com
3	ads.playground.xyz	3 redirects
3	matching.truffle.bid	ads.pubmatic.com
3	green.erne.co	3 redirects
3	s.tribalfusion.com	ads.pubmatic.com
3	a.tribalfusion.com	3 redirects
3	ad.mrtnsvr.com	3 redirects
3	ipac.ctnsnet.com	ads.pubmatic.com
3	cm-supply-web.gammaplatform.com	3 redirects
3	cm.adgrx.com	ads.pubmatic.com
3	an.yandex.ru	2 redirects d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
3	sync.srv.stackadapt.com	3 redirects
3	bh.contextweb.com	2 redirects www.sanook.com
3	rtb-csync.smartadserver.com	2 redirects www.sanook.com
3	sync.mathtag.com	3 redirects
3	s0.2mdn.net	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com imasdk.googleapis.com
3	a.teads.tv	www.sanook.com
3	trc-events.taboola.com	www.sanook.com
3	analytics.google.com	www.googletagmanager.com
3	www.sanook.com	1 redirects s.isanook.com
2	s-cs.rmp.rakuten.com	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com
2	a4p.adpartner.pro	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com www.sanook.com
2	sync.teads.tv	1 redirects www.sanook.com
2	dsp-ap.eskimi.com	dsp-media.eskimi.com
2	pm.w55c.net	2 redirects
2	cc.adingo.jp	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
2	dsp.adkernel.com	2 redirects
2	lb.eu-1-id5-sync.com	www.sanook.com
2	u.openx.net	1 redirects www.sanook.com
2	dpm.demdex.net	2 redirects
2	ce.lijit.com	1 redirects www.sanook.com
2	ssbsync.smartadserver.com	1 redirects www.sanook.com
2	pubmatic-match.dotomi.com	2 redirects
2	sync.bumlam.com	2 redirects
2	cr.frontend.weborama.fr	1 redirects www.sanook.com
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	dis.criteo.com	2 redirects
2	googleads4.g.doubleclick.net	www.sanook.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	win.eskimi.com	www.sanook.com d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
2	wf.taboola.com	www.sanook.com
2	u.ipw.metadsp.co.uk	2 redirects
2	oajs.openx.net	1 redirects www.sanook.com
2	am-match.taboola.com	vidstat.taboola.com
2	img-as.fsanook.com	securepubads.g.doubleclick.net
2	am-vid-events.taboola.com	www.sanook.com
2	cdn.id5-sync.com	securepubads.g.doubleclick.net www.sanook.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	static.xx.fbcdn.net	www.facebook.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.sanook.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.googleoptimize.com	www.googletagmanager.com
2	lvs2.truehits.in.th	www.sanook.com
1	am-wf.taboola.com	www.sanook.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.sanook.com
1	ads.stickyadstv.com	1 redirects
1	vidstatb.taboola.com	www.sanook.com
1	p.adlooxtracking.com	www.sanook.com
1	rtbdemand.apiip.net	www.sanook.com
1	code.jquery.com	www.sanook.com
1	cds.taboola.com	www.sanook.com
1	stags.bluekai.com	www.sanook.com
1	spl.zeotap.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	ws.rqtrk.eu	1 redirects
1	s.ad.smaato.net	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	c4d7db2e0658565e84fde56f994de857.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pips.taboola.com	www.sanook.com
1	sync.go.sonobi.com	1 redirects
1	jp-u.openx.net	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
1	cdn.streamroot.io	s.isanook.com
1	dc.sanook.com	www.sanook.com
1	t.adx.opera.com	www.sanook.com
1	match.taboola.com	www.sanook.com
1	ssum-sec.casalemedia.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	id.crwdcntrl.net	www.sanook.com
1	image4.pubmatic.com	www.sanook.com
1	dmp.adform.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	p.rfihub.com	1 redirects
1	bcp.crwdcntrl.net	www.sanook.com
1	imprammp.taboola.com	vidstat.taboola.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.izooto.com	s.isanook.com
1	sloth-api.sanook.com	www.sanook.com
0	onetag-sys.com Failed	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
0	rtb.openx.net Failed	d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
0	trace.mediago.io Failed	www.sanook.com
0	ih.adscale.de Failed	www.sanook.com
0	tg.socdm.com Failed	www.sanook.com
0	api.rlcdn.com Failed	www.sanook.com
0	cms.quantserve.com Failed	ads.pubmatic.com jp-u.openx.net google-bidout-d.openx.net
0	d5p.de17a.com Failed	ads.pubmatic.com
694	173

This site contains links to these domains. Also see Links.

Domain
truehits.net
news.sanook.com
www.joox.com
wetv.vip
www.wecomics.in.th
www.facebook.com
sso.member.sanook.com
muan.sanook.com
www.sanook77.co
comics.sanook.com
tv.sanook.com
learning.sanook.com
guru.sanook.com
www.tencent.co.th
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
line.me
webboard.sanook.com
season.sanook.com
home.sanook.com
www.lazada.co.th
www.onestockhome.com
shopee.co.th
www.tiptoppo.com
popup.taboola.com
storytohear.com
editorsnation.com

Subject Issuer	Validity	Valid
*.sanook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-16` - `2024-07-16`	a year	crt.sh
*.isanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-04` - `2023-10-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-07-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-02-26`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-12-09`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.fsanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.streamroot.io AlphaSSL CA - SHA256 - G4	`2023-02-16` - `2024-03-12`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
truffle.bid R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-05-22` - `2023-08-20`	3 months	crt.sh
adpartner.pro R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
loopme.com R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.rmp.rakuten.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-20` - `2024-01-19`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 89 frames:

Primary Page: https://www.sanook.com/women/220941/
Frame ID: 544A1FBB7576F2D6B343EA6FD6A8D8BE
Requests: 284 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B99B8D15B57D751F28EF929F832103B2
Requests: 1 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: CF7037B7DC619E9E601EC49D6D360DF3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: AA77739B552A204D3CDE7EA88E5A27B7
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: D123E26F4D3E14E4341AC0B5067AF69E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc9912da9376f8%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1af3c5f3028fd8%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookwomen%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Frame ID: 312EAD2C7EF583F073A5A26E2C190798
Requests: 3 HTTP requests in this frame

Frame: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Frame ID: E81ECEA059BF937328DD103052EA1DC8
Requests: 79 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 30DF3933CAA5CEFA628EEBAAF63EAAAE
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: FE74D0DF62B54F57F642E6DC684E45E9
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: AFF26EB2A0B6E2AE5DF28DD3C564F5F6
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: A8CE94CBCC9BD661B911A883E9CC9BBE
Requests: 9 HTTP requests in this frame

Frame: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 332DCFA00BC2BBB77B47B36722B1ABA0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZuUnbbtm9Pk-fxy1OI2I1uZy6R12ycUDIW8ofk4l0WAbF-LIJHA3JLhzNQRi3118QeIXQPBXzYrHp7ltU0GCsqb5-ckk7bg4mytlHnGoRe_j7ehMtn6YuzmzR30bGK67kS6L2f38aJgp1IK9nTwSLY1NHRm1Ohw94xPGrfUojo42Hf4QjA2d17-HaIvE8-B9v_DYVoJnzUSlofkOOWm9E6PabJGSC0h--Rj6rLFHiXXhQN0mTUqE_0goVgha4GqGVdXVvnYseLKxHiLoLcz7NmB5oGNKY6uukXs54jPt4Vm-HrBGynnHkHxwk5TVjenVhFWtrTJK7mH4RJoAq0z0KEL3r4lakYq0tScBXCXjOZZd5&sai=AMfl-YRWGuvquVa1baQoXx-bpx6K0kxfQTqNLNd302PKtM1HNpnfuZFQq7o5sZI5Duwo7z03ymhKGLEbXfCvD3ngNU0brl42R1uE3S3gyvbE8HnJuMrWT5ADdu-ExdmDT-wVtHh5VcsFDJCD2O_m4VtBZ8s&sig=Cg0ArKJSzOPom_7KEQgREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FA44DDE2B8CCE28DCAC46A2BF4651B5F
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW-1GKgcwM6Oe-1FHHz6BBK17zj4qvkJKkDnwqY2Lgdw0__PbOpvAdMFmCfFgOUz29-sUiskr3uWMeUZfnOHnBLTTBgpmrqnZHWlziwCY_37uEzUoSzU0NUYwHZDMt2rF3gABplkvRVvUZrUsDd-VHAj38SVpP2swxAX5_rqTZE7o_r9l_bWfYzgQ8DEI5CIMEj8r-5uLhSceSrrFVo_QxqX_NxUtfb5VLNjBHoDiB9exiX6VzXRgkPTmB64uiVXeirSVZPn3vLLOB_2p4UINPjYI4DgyzL7rmWJT9Ise-8HTkHQXkB1R4rfcr0dcrTMSus3MMLh--qBpFI8nYcU5T6exG56mHK9Q31XuftOrGUmWoi5xfLlP0eAo&sai=AMfl-YR5Fxz57vM16iuMMT75oj-Ttas7lycAXLG-Um7hMRqdVVBoJwQnc7K8bEfi_3HrZU0mAUKkrfYvo952rEOTY54DCsQpPuGEWz_ChjdMlPuj2xyNsbazhP3S9Uq2H6GX47xT3tHh_cTEPzqiMW0SZIo&sig=Cg0ArKJSzIUtKpxLN6HEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 56A55A7618AF63DD03B4B967DA3B3B28
Requests: 15 HTTP requests in this frame

Frame: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D0ED9C2D83854C2767C9871FA46EC96
Requests: 38 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: D001A53B002DE44E3D71FC2C96090F8E
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1687751750007&uv=3290&tms=1687751750007&abt=nonrv_vA!tbt_player!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0ac5b0a4-2000-4d6a-84b3-6815e4adb8f4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8E15214BC462E2417060B552A19973C4
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvigX5NuAqKDD9WJeODI0kTCWYu4KdUoIDDZiA5WiQSd4igTzdNunRV8updtDdNCTpzbhQbhK1b63vffvh9ZHRHCUrw5fgmdfpNF105BMI9IngsNS7MErZChSlaOJx-g20kCIbzCNZS4TJXPQewmaydtlCNstvQVpdiTgY8o8-Ta1d1eEAciu3rqc_tVXGaeZUnhQQFIOLEs7WieVi1xMyIxasYwQoSCQnOedXe_jYk37tl_BtaXC8H0ZrDWpiZ5OlB_AuWO4ZuZJ96k4v25YurKj6w8sVdw_pNE0XxsgEAtd1ySruK5M9dvDsdMMMnb_ujYBaOZ0n35P-x9dCqdlAl-M709_QcfbbLxCo7P5R21pwOzw&sai=AMfl-YSp0RJjfeM3pzcm3ZcJtw_KdguMzTLucqUsZab7CTPLtwMX1bDDtf2iU5rcHvt3NOmCLrrqqXpP7niWdAvcG3Jg11bts5kzuAihXi5QBtqtuhJPp2dAmNSghSdO3Y5wtVtp8ls7EwAGHIKR1vw5IG8&sig=Cg0ArKJSzOXKokLoXeO_EAE&uach_m=[UACH]&adurl=
Frame ID: 697E571FBA660CC0C9B3B35946693B87
Requests: 9 HTTP requests in this frame

Frame: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6917AAA8102353851C08BA026207C00F
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0kMUu93MNtyBSgYuPtHiERiTeGXUSM7_EjkM-krb1jeshmTYoC4jNLxuQwKNtU5fl66Y5rS5IsI18JcbP21IjqevIR4J-vPxvZHPXDwgtGz7bWNTKXxbw6gpW-MBEUHIXVGBFTgnEbcrbSpAkxtZ7zw5zNSsvJ0mEK1q4Ce1joVjHiTbKEzskof1hVxPCokk2aCBw1667KQhTy1Zl4TgTZ8IoTnnk_61fY0d0pS1duP7FpqQ4w1ElNyOdniDdUckHX9zQEcw4etaAnm-jqcjyWZSIDQReUhzqk776-4RfTj18sHeUiVkTTkSeZVUWIj9SHl_j4sN7b1sLkt37ObVwpQi4ZIzxTOUvjPnOWw&sai=AMfl-YTl_gpjqLsMyIuaNXwoAUN_I_OP-f23E7zYF5Ci7A9esRkhahiSKTgg2BftWXLL_2WUmTovSkh9lAaB-tBuLYIfexBgiL1wh1aREt4fPNHHiLBzyQqXzVuNpf_XhLkdZG3W9gpVhtXggS_E11LWsg&sig=Cg0ArKJSzOIiwJY4GqnsEAE&uach_m=[UACH]&adurl=
Frame ID: A12EAEAA3888EE20EBDF3B5DD5834491
Requests: 8 HTTP requests in this frame

Frame: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 53805E600F13B7D858DA20314B62B0A9
Requests: 32 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C6D40433870235CF35464EF1D986874C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEJip0sIEGJ_h7OgBMAE&v=APEucNVnPTX7mty5n0n2j60DTgr_Mx1RWPGBFJmyf4RiuCpNmL4YavLQ4MwbP1lQ1j60t9HiNwA5FazJnoBsLB9l0iTzk5fVBA
Frame ID: 5455D9C5DC497733ECBE5281DD159DD1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 655F34E0C829DC83FA114D5536E1D484
Requests: 9 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee416499-0c47-4900-9866-75ceeafb321f&gdpr=0&gdpr_consent=
Frame ID: 5DCBDBF9457D055063FCCA86595734AE
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 74C8364D8F94F527065C51C3351F2407
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: A14EC80FA9EC32F6171F635D49313C03
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084925828741246
Frame ID: A24F2A512133C155DDB98A74021CC5AA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 7B25514022751119B22587BA78A9B0C2
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 8AB45DBAE2BA24D8856912B22E774AA5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8739825237432947340&gdpr=0&gdpr_consent=
Frame ID: F5DAE6D1DB20CD53ABDDAB1A7AFBFADE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7248838604383385740&gdpr=0&gdpr_consent=
Frame ID: AE7790C67025127D79330E0A67745666
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAaCk7JMhkAACA-NRli0w&gdpr=0&gdpr_consent=
Frame ID: 0CAFF5D2BF150E12B9FDFE06E775B1EB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HyGEDPYnWDFb8hkcmLqXflvvztU&gdpr=0&gdpr_consent=
Frame ID: C9736A19606C90EF25677CA42F7D32DE
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=taboola
Frame ID: 433E18647DE1777D06E02BA23E5F8371
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FC1CCAAE866B30061C92EC17C925DF77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7C19E1061F9FA905C8EB1E50B4B25C78
Requests: 3 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Frame ID: 446F1111FC883CC7A2DC012E8B3E46C1
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC71B30609D5D852FB5B6CED51DFC64D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32E37086724D86B96C4AC48EFE79DD79
Requests: 9 HTTP requests in this frame

Frame: https://c4d7db2e0658565e84fde56f994de857.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FDEC98BFB7FA194D0CB8228359CB7E17
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 08DAB548CA04018D6045FDCF4485E3AB
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: 48E192920A451C3F89E3F4C7BDB38BD5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupkOgwzPGq8vyilo_obFugo3_6RPAQP_X3izGBbnVnrbWECvDjCpPCfj5S1fzdLiNrPRoSGxYGBULcFtoh-bP6Sn9fw4SSZuZbA172kX1rPdaUIwmLF9CUYYiwbS6MEmrKSvkFXlD9S6R57BjGUAJwAoln3oKEJKIVmD0Vd43u1LNAsy-0YQagndAPIr6QluDDqiBJV596SluGrFEZwXvVS6hxXz384FOGxjWJFC1XfxtaPr2D-z0WMjuF7dYVZoIeX2ZkHZBzpa4F8CaNeLb_l7843unFTEAzjNLAJfwDVuBQv-F0eZ3JmeywuNbXW3jCo_HqXj1PQaTyEA&sai=AMfl-YRzC14XSTltTqJkrLiwxQGkWYS8hHr2pgNst2OxXDnJYlmSUSqcx12-XrjyycZB5rm26CcjYN9jdtqESlwedVJOT-jzo97nKH-DEhZ99CmZabVZ3xOLR8nKAFGrsnM&sig=Cg0ArKJSzLD7um69evBlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4E059CDB54EFCD824D8031C97A1C3FF6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5FB7C8C0234C4A52262F497ADA8E676
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98144594FE6ECA7A9830BD6E359D6767
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Frame ID: 944350F64B9CF0326C926B060067EE98
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUqx6qsgBa
Frame ID: 9A144B5253B9FA8B50239A5E04938ADF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DF36BD97C48A4D73A123D81AABB7E780
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=e5fufkphy0lk
Frame ID: 7DC1415C4506E64AF1923FDEBF222F77
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F0B55371487485F1F6AB6C02A4D5995C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 190094713509E4F4902A9D0A381A5783
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 02668C0F2752062B7A026E1D1E4EAE61
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Frame ID: 5DA41B0E5A85C585FE357A948464A760
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EF563A9B7B6AB70C22F03D7ACE4F8881
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=
Frame ID: 9484DB573CC442F2389639D3A73514B4
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Frame ID: 3AADE637EA4740F2897A87AFB4F0990B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A831D84A3D24DA1D4C8E05B3A3B83812
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD423BBAA38141F985F3DA759A9DEA53&gdpr=0&gdpr_consent=
Frame ID: CBD71DA976792240903B954D48F7BBBF
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Frame ID: 79A892EAD91AB3FFFF34AD3FA6DBA0DE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUhZt7UgAn
Frame ID: 924404BD5A99A0659A1F2D5C8E769BFC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C64E2AC819E062E2ED4F56B51F9F1F99
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kpaeefqc7wtk
Frame ID: FF86488B1BA75D0CDF05ADF76CA22F41
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CDEB67A1068B6C24CD6E1741BA50422C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 6A378DDC4FA62CC58A2B4D7A413106A9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 6B686A13FB50270855917CAE748114C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Frame ID: 6A7800CDA56DC7B0F94FE7D0F8A1BC93
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A858E6D3C716B2E10D07F56CD4AD09B0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=
Frame ID: 6442E95250A9F5BF990C80CBB487E5B0
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Frame ID: 6100794FAA56122D294FFA745C55A89B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 0AF3F3AFCC418B00F1D53E5D9E661B6B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5E559732D1B34DA098A357D5B454401E&gdpr=0&gdpr_consent=
Frame ID: 8E66F0134CDA9F057CF5216736DBBA83
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Frame ID: C2E50B1FDEF5A3F58DAD9AEC382B7A51
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUrCqqsQBa
Frame ID: 7AF422AC5E57DDC36C4A776AEB06DFAA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D62E0746B0BB1B269B928E3D5E629258
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a6tml745w70l
Frame ID: 2047EB5C16D2626CD98E13788858A757
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 36A86728BAFE9DF63C7A69FD66B5D154
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 5E1BEC15FAD922893C160E58BC2B754A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 98465B36DBA918A58AE9B54AD79EEED1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Frame ID: 293F95FB0CEEDD06761F62F3266DE98A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 15AC21C38FFD272E30E2CA43602F24D8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=
Frame ID: 0B940A7599D973C8AE2818944A3663FD
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Frame ID: 04B8C100621A060581134F9E4772C405
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 19829D8CD425D92DEF4B017263370F07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3C7ADA27E19747F19F42274F7BBBD430&gdpr=0&gdpr_consent=
Frame ID: D5981CC52689C790CF17A4C00DB3066A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: C1F7188F958EC93DEBA2F3AE6DACB7D8
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E7985387ACEDCC75B5A7DC3AF962D2F8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: A69E55D8EC653758B397A708F228D985
Requests: 2 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=B7B76140-5686-45C7-BDB2-CE3A35903DE0&orig=video&us_privacy=1---
Frame ID: D2109E8E118A7B841F323AEFA224001E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

“ฉากกั้นโควิด-19” อยากได้ ทำเอง หรือที่ไหนมีขายบ้าง Group 3Group 3Group 3Group 3

Page URL History Show full URLs

https://www.sanook.com/home/25321/ HTTP 302
https://www.sanook.com/women/220941/ Page URL

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

694
Requests

86 %
HTTPS

0 %
IPv6

107
Domains

173
Subdomains

107
IPs

18
Countries

8641 kB
Transfer

27064 kB
Size

181
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://truehits.net/stat.php?login=sanook

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto
Title: ตรวจหวย

Search URL Search Domain Scan URL

URL: https://www.joox.com/th
Title: ฟังเพลง

Search URL Search Domain Scan URL

URL: https://wetv.vip/th?language=th
Title: ดูหนัง

Search URL Search Domain Scan URL

URL: https://www.wecomics.in.th/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PUBGMOBILE.TH.OFFICIAL
Title: เล่นเกมส์

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/login.php?psnid=000001-000030-000030-000001&autologin=1&option=&surl=https://www.sanook.com/women/220941/&registerUrl=http%3A%2F%2Fsso.member.sanook.com%2Fregister%2Fmini.php
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/signup.php?psnid=000001-000030-000030-000001&surl=https://www.sanook.com/women/220941/&autologin=1&eventID=&option=&mail=
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://muan.sanook.com/
Title: ข่าวลาว

Search URL Search Domain Scan URL

URL: https://www.sanook77.co/
Title: ข่าว 77 จังหวัด

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/
Title: หวยไทย

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/lotto-stats/
Title: สถิติหวยไทย

Search URL Search Domain Scan URL

URL: https://comics.sanook.com/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://tv.sanook.com/
Title: ดูทีวี

Search URL Search Domain Scan URL

URL: https://learning.sanook.com/
Title: เรียนออนไลน์

Search URL Search Domain Scan URL

URL: https://guru.sanook.com/
Title: กูรู-รอบรู้

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/th/jobs/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanookeveryday

Search URL Search Domain Scan URL

URL: https://twitter.com/sanook

Search URL Search Domain Scan URL

URL: https://instagram.com/sanook.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SanookTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1013623?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A1013623%2Cidx%3A2-1-2%2CtarId%3A1465882069006%2Ctas%3ASanook

Search URL Search Domain Scan URL

URL: https://line.me/ti/p/@sanook.com

Search URL Search Domain Scan URL

URL: https://webboard.sanook.com/forum/?board=75
Title: เว็บบอร์ด

Search URL Search Domain Scan URL

URL: https://season.sanook.com/hbdproject/july/winner/

Search URL Search Domain Scan URL

URL: https://home.sanook.com/tips/diy/
Title: DIY

Search URL Search Domain Scan URL

URL: https://www.lazada.co.th/
Title: lazada

Search URL Search Domain Scan URL

URL: https://www.onestockhome.com/
Title: onestockhome

Search URL Search Domain Scan URL

URL: https://shopee.co.th/%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81-DIY-%E0%B8%96%E0%B8%AD%E0%B8%94%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%AD%E0%B8%9A-%E0%B8%AA%E0%B8%B3%E0%B8%AB%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%95%E0%B8%B4%E0%B8%94%E0%B8%95%E0%B8%B1%E0%B9%89%E0%B8%87%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%80%E0%B8%84%E0%B8%B2%E0%B8%99%E0%B9%8C%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C-%E0%B8%AA%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87%E0%B8%B2%E0%B8%99-i.70626269.7823937325
Title: shopee

Search URL Search Domain Scan URL

URL: https://www.tiptoppo.com/worldwide/statu-fb
Title: Tiptoppo

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=sanook&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://storytohear.com/uncategorized/use-olive-oil-for-your-skin/
Title: Story to Hear

Search URL Search Domain Scan URL

URL: https://editorsnation.com/trending/ms-universe-or-world-cup-find-out-who-among-these-fans-is-the-fairest-of-them-all-2-new-footbalfans-us
Title: Editors Nation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.sanook.com/home/25321/ HTTP 302
https://www.sanook.com/women/220941/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=1312455546.1687751746&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QgyZZPGVDfSD7_UPkYmC2Ac&sscte=1&crd=&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E9HSXJQNgkvd4M4lcaZl1QUCZj8_BOQr64&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fMmxoSmNqQk03VmprQ0gxdVdPMUNiQ1pZUER3OU1fc2czNjFLNUdCTHdXLVMweEk2Nzg3RGFQZyITCPG-tZqF4P8CFfTBuwgdkYQAew HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=1312455546.1687751746&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fMmxoSmNqQk03VmprQ0gxdVdPMUNiQ1pZUER3OU1fc2czNjFLNUdCTHdXLVMweEk2Nzg3RGFQZyITCPG-tZqF4P8CFfTBuwgdkYQAew&is_vtc=1&ocp_id=QgyZZPGVDfSD7_UPkYmC2Ac&cid=CAQSKQBygQiDfU9Qk-cJ9gGg5zZYAUczjjpIChH4b2WQ6H0ERVYgixs_XGvA&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E812QslWknBwktzm68676VRZ_TApWQjEUc&random=804047261 HTTP 302
https://www.google.ge/pagead/1p-conversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=1312455546.1687751746&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fMmxoSmNqQk03VmprQ0gxdVdPMUNiQ1pZUER3OU1fc2czNjFLNUdCTHdXLVMweEk2Nzg3RGFQZyITCPG-tZqF4P8CFfTBuwgdkYQAew&is_vtc=1&ocp_id=QgyZZPGVDfSD7_UPkYmC2Ac&cid=CAQSKQBygQiDfU9Qk-cJ9gGg5zZYAUczjjpIChH4b2WQ6H0ERVYgixs_XGvA&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E812QslWknBwktzm68676VRZ_TApWQjEUc&random=804047261&ipr=y

Request Chain 106

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687751746981&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687751746981&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=

Request Chain 327

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1

Request Chain 328

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896

Request Chain 329

https://pr-bh.ybp.yahoo.com/sync/taboola/330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A

Request Chain 330

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=899a20bf-5e43-4182-9f5b-3c7dccf63804&ssp=taboola&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 369

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896

Request Chain 370

https://pr-bh.ybp.yahoo.com/sync/taboola/330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Jj.5AaVE2oRzDqLcg9SRfgIpRLI7carq3Z3UVQ--~A

Request Chain 371

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-S07i3ppE2uFrIe2DseWwgUNw4wqt7y.x~A&gdpr_in_effect=0

Request Chain 374

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&value=0&us_privacy=error&auid=1312455546.1687751746&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RgyZZJfJArfK7_UP1KCO2Aw&sscte=1&crd=&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E9o-8y2B5oNwBOg9NVxxzbNrNC3qSIx6vo&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fcENfRzItbkhMT1l5eGZWbTFNOXRxck5fMmx0LW92cW1NaW1nS0dRZjZHM2otSlk0VVBHMUI2dyITCJeEn5yF4P8CFTfluwgdVJADyw HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&value=0&us_privacy=error&auid=1312455546.1687751746&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fcENfRzItbkhMT1l5eGZWbTFNOXRxck5fMmx0LW92cW1NaW1nS0dRZjZHM2otSlk0VVBHMUI2dyITCJeEn5yF4P8CFTfluwgdVJADyw&is_vtc=1&ocp_id=RgyZZJfJArfK7_UP1KCO2Aw&cid=CAQSKQBygQiDkHwR3Me9vXEeJRb1WKG8nbHhaNGkZt50CLxr9B_QQjNObyV3&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E9Qrf7CojPW4KBF5E_BYZnpTNQBsT-Q-rY&random=2233665875 HTTP 302
https://www.google.ge/pagead/1p-conversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&value=0&us_privacy=error&auid=1312455546.1687751746&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fcENfRzItbkhMT1l5eGZWbTFNOXRxck5fMmx0LW92cW1NaW1nS0dRZjZHM2otSlk0VVBHMUI2dyITCJeEn5yF4P8CFTfluwgdVJADyw&is_vtc=1&ocp_id=RgyZZJfJArfK7_UP1KCO2Aw&cid=CAQSKQBygQiDkHwR3Me9vXEeJRb1WKG8nbHhaNGkZt50CLxr9B_QQjNObyV3&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E9Qrf7CojPW4KBF5E_BYZnpTNQBsT-Q-rY&random=2233665875&ipr=y

Request Chain 377

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee416499-0c47-4900-9866-75ceeafb321f&gdpr=0&gdpr_consent=

Request Chain 379

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 380

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084925828741246

Request Chain 381

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 383

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8739825237432947340&gdpr=0&gdpr_consent=

Request Chain 384

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7248838604383385740&gdpr=0&gdpr_consent=

Request Chain 385

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMWYwN0pNaGtBQUItcjQtVHlSUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC1f07JMhkAAB-r4-TyRQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2461878853718764298&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAaCk7JMhkAACA-NRli0w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2461878853718764298%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2461878853718764298&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAaCk7JMhkAACA-NRli0w&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAaCk7JMhkAACA-NRli0w&gdpr=0&gdpr_consent=

Request Chain 386

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HyGEDPYnWDFb8hkcmLqXflvvztU&gdpr=0&gdpr_consent=

Request Chain 387

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t7dhQFaGRce9ss46NZA94A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 388

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=&ct=y

Request Chain 389

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2190605136

Request Chain 390

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B7B76140-5686-45C7-BDB2-CE3A35903DE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzQ4d2pDVFU3T1JRdWV2MS0tcEgzcDFvZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=976055358127449841&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 391

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjdCNzYxNDAtNTY4Ni00NUM3LUJEQjItQ0UzQTM1OTAzREUw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 392

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWRv0GZWp5Q9lfvJtOlbtY&google_cver=1

Request Chain 394

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=976055358127449841

Request Chain 395

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e7202d9-6874-499f-945e-f77f754f1896&gdpr=0&gdpr_consent=

Request Chain 396

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KcqwIcFE2uWTWgYzWDzyWQsfElqLC.E-~A&gdpr=0

Request Chain 398

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjImOSkBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEFhlwzIT1RHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGMzNGJmYmU1LWQzYzgtNDIyMC1iYjkwLTg0YTllODU2MDE1Mg** HTTP 302
https://x.bidswitch.net/sync?dsp_id=476&user_id=5865c332-13d5-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 399

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cac6b470cb5240e&is_secure=true&networkId=17100&version=1&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM-uDbUM85CwNhGQY6AAAAAAA&expiration=1687838153&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 400

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2992603343639734767&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 419

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1

Request Chain 420

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJkMRw7ibFhG2uyiH-3BUQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1

Request Chain 421

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED54lYb5gla2d8xvm6t3zzo&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED54lYb5gla2d8xvm6t3zzo%26google_cver%3D1

Request Chain 422

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4MjYzMjMxOTA0ODU5MDAxOA%3D%3D

Request Chain 435

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJCBTGRE-O-6ART

Request Chain 436

https://pr-bh.ybp.yahoo.com/sync/taboola/330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A

Request Chain 438

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELl9k-JAUtwJvXhnPrrdrWs&google_cver=1

Request Chain 440

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3

Request Chain 441

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896

Request Chain 442

https://ce.lijit.com/merge?pid=42&3pid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 445

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=23147ba8-9dce-4280-9b33-0326e7f1884a

Request Chain 446

https://id5-sync.com/s/464/9.gif?puid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-8382zvmjJAqFuNN4znWypfEIoBKdaZiM67JbDOmiow&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/3/6/2.gif?puid=ee416499-0c47-4900-9866-75ceeafb321f&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=5e7202d9-6874-499f-945e-f77f754f1896&ttl=%%TTL%% HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/4/4.gif?puid=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&gdpr_consent= HTTP 302
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/285.gif?puid=LJCBTGRE-O-6ART&gdpr=0 HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/485/2/6.gif?puid=76286581780712167101442776588903371845&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F104%2F1%2F7.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/104/1/7.gif?puid=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=198601&cb=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F165%2F0%2F8.gif%3Fpuid%3D__UID__%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/464/165/0/8.gif?puid=ZJkMRw7ibFhG2uyiH-3BUQAA%265142&gdpr=0&gdpr_consent= HTTP 302
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8382zvmjJAqFuNN4znWypfEIoBKdaZiM67JbDOmiow

Request Chain 447

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=065d7fef-6ff6-439d-a11b-307399f3e66b&ssp=taboola&gdpr=0 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 448

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=804f59f7-bc60-484a-9eed-7698cacb7469 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=804f59f7-bc60-484a-9eed-7698cacb7469&tbid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&query=taboola_hm%3D804f59f7-bc60-484a-9eed-7698cacb7469&isDirect=0

Request Chain 450

https://eb2.3lift.com/xuid?mid=7772&xuid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 451

https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=HyGEDPYnWDFb8hkcmLqXflvvztU

Request Chain 453

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=08f6c4d5-d5ca-4f5a-aef9-71664733e5bb

Request Chain 481

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEM9FJCzL_gtRm0F-kxyMypE&google_cver=1&google_push=ATf1kGOPSSIAbnOVNwOZk1eNWapHYVwhYUUqh3iFwOTgk0W363NWy-B8ncDLzYXgtBaq11V11u_U1nWW5Bqun36yVFeqHMQ2D_Kn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGOPSSIAbnOVNwOZk1eNWapHYVwhYUUqh3iFwOTgk0W363NWy-B8ncDLzYXgtBaq11V11u_U1nWW5Bqun36yVFeqHMQ2D_Kn

Request Chain 483

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO_Wkgcvf9U77XvtLlSMiRA&google_cver=1&google_push=ATf1kGN1gbeVK80acyK0hI3zKNsREYuM2UruoKVGE8thXbfVp1ZJy9Ah6Ntg-KRo7HPLSj_kH9nQIHzqTsAfCbv5g_eIlYvSVATD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRHWjYtMVYtTUNSTA==&google_push=ATf1kGN1gbeVK80acyK0hI3zKNsREYuM2UruoKVGE8thXbfVp1ZJy9Ah6Ntg-KRo7HPLSj_kH9nQIHzqTsAfCbv5g_eIlYvSVATD

Request Chain 484

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNrmJ9toIaAshxrm7EEqs-oyvS2sS_keNgZq8TaxBhp5YvGHf1AgKEMDVdzPVpQZGuKGgAJOC82hpDiJwWOnR2isy75KC0N%26google_hm%3D%5BUID%5D&google_gid=CAESEFIuCRvfQQeE7m7pL34rtt8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNrmJ9toIaAshxrm7EEqs-oyvS2sS_keNgZq8TaxBhp5YvGHf1AgKEMDVdzPVpQZGuKGgAJOC82hpDiJwWOnR2isy75KC0N&google_hm=57439a8a-80a9-45d0-800e-78cd74cabc7e

Request Chain 485

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-xI5HpLNkzp5XJv2zeKa6axA HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHNjqDo9NaqZt8YGFMh2OhI%26google_cver%3D1%26google_push%3DATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-xI5HpLNkzp5XJv2zeKa6axA HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A2175767589467416057&exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-xI5HpLNkzp5XJv2zeKa6axA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIxNzU3Njc1ODk0Njc0MTYwNTc&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-xI5HpLNkzp5XJv2zeKa6axA

Request Chain 487

https://an.yandex.ru/mapuid/google/CAESEJ_sa0iY2bkLo6ezmMEhbug?ext-param=ATf1kGNaV4cWBQnG6DLb4G57_y3ekQa5jRxutxDxvDCq4_HB4tRr8RE3R-1UQVSa0zPlTCRi5h4on0w8DGid5UTxvT42FQKgCIEAfg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEJ_sa0iY2bkLo6ezmMEhbug?redir-setuniq=1&ext-param=ATf1kGNaV4cWBQnG6DLb4G57_y3ekQa5jRxutxDxvDCq4_HB4tRr8RE3R-1UQVSa0zPlTCRi5h4on0w8DGid5UTxvT42FQKgCIEAfg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJ_sa0iY2bkLo6ezmMEhbug&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 519

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE6H8PQVHRz98zUFcTUhGYM&google_cver=1&google_push=ATf1kGNlAH6KwJi8BU6H-QkKyqOMc_OX4EmqOJTzbk7vun23jt6MvjQxyL31ZTre1WQTCJE4ctMfpZbet6aQsnmwN70UnKPijJs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGNlAH6KwJi8BU6H-QkKyqOMc_OX4EmqOJTzbk7vun23jt6MvjQxyL31ZTre1WQTCJE4ctMfpZbet6aQsnmwN70UnKPijJs

Request Chain 521

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEF_L3m67cP0wrQX6yStoeMU&google_cver=1&google_push=ATf1kGNPq4ti18JWVHGn-lEQx809haTZKJf5ljIptM-Q1ueIPrz4H-q6WTKJ0ndYbQidJuLqFiLdpgNIxG8G3v2Zr5zer52J4UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HyGEDPYnWDFb8hkcmLqXflvvztU&google_push=ATf1kGNPq4ti18JWVHGn-lEQx809haTZKJf5ljIptM-Q1ueIPrz4H-q6WTKJ0ndYbQidJuLqFiLdpgNIxG8G3v2Zr5zer52J4UA

Request Chain 522

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO_Wkgcvf9U77XvtLlSMiRA&google_cver=1&google_push=ATf1kGMAzV4fC4HEK-u6EXuns7oItlNsiG9w3ypnQorPZjeqN81BUgJgpqNUSX343e5rG2Mi9ircJSdTiAsAAXTN9UWoqA4ugVJa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRIMzgtRi1JUzRQ&google_push=ATf1kGMAzV4fC4HEK-u6EXuns7oItlNsiG9w3ypnQorPZjeqN81BUgJgpqNUSX343e5rG2Mi9ircJSdTiAsAAXTN9UWoqA4ugVJa

Request Chain 523

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJ6eJnViK9zxW4LYmXm6mq8&google_cver=1&google_push=ATf1kGOznbIxyorig0Updku3U99QrDMeBb-cvr-BHstjiJObYjVVYnz2rbRcm5eZ2TLv-NjtlXAr6yE8s_NrI-EPSnDeabpZMWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=055ac3d2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOznbIxyorig0Updku3U99QrDMeBb-cvr-BHstjiJObYjVVYnz2rbRcm5eZ2TLv-NjtlXAr6yE8s_NrI-EPSnDeabpZMWc

Request Chain 524

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDaAN89FtIrTrtD-86TkeH8&google_cver=1&google_push=ATf1kGPBKuw5RLo_SBJg4vXygVKk_2NQP0m7stpRgoFKA4U4pKMidYM_i_BMGMm8ZIbIhG8FxRDdRxpTDdnmD1EBsI2sb_qmCdrz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGPBKuw5RLo_SBJg4vXygVKk_2NQP0m7stpRgoFKA4U4pKMidYM_i_BMGMm8ZIbIhG8FxRDdRxpTDdnmD1EBsI2sb_qmCdrz&google_hm=NDAwODU0NzYxNDEwNDc0Mjc4NA%3D%3D

Request Chain 528

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=yTw0vAQn1QdDkz5

Request Chain 529

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 530

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7968148166034222670

Request Chain 531

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBYUNrN0pNaGtBQUNBLU5SbGkwdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAaCk7JMhkAACA-NRli0w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAaCk7JMhkAACA-NRli0w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4008547614104742784 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAaCk7JMhkAACA-NRli0w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4008547614104742784%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=4008547614104742784&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAAaCk7JMhkAACA-NRli0w&pid=558502&do=add HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAaCk7JMhkAACA-NRli0w

Request Chain 532

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ee416499-0c47-4900-9866-75ceeafb321f

Request Chain 534

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841

Request Chain 535

https://match.adsrvr.org/track/cmf/openx?oxid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=

Request Chain 537

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1

Request Chain 542

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOgDz6QeQSqqhlYuP4bzu1k&google_cver=1&google_push=ATf1kGMH-Nk7uFaL3mmX_F0gsYNksxPTQbFEDUq2WnzkBDN5i1dCzYHs1tgd9KVZX7DJ2G4cdvFxkEXwD3qxaO3IPao1IEPPzgts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMH-Nk7uFaL3mmX_F0gsYNksxPTQbFEDUq2WnzkBDN5i1dCzYHs1tgd9KVZX7DJ2G4cdvFxkEXwD3qxaO3IPao1IEPPzgts&google_hm=w0v75dPIQiC7kISp6FYBUg==

Request Chain 543

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE6H8PQVHRz98zUFcTUhGYM&google_cver=1&google_push=ATf1kGPPlRJbrgJ9aZCQqEUI691u5MyF_9ggIKrJDRz3OJnOO8EMV4miGkcRfF7O8R4VRnyJGjDI_1-QluUkVKBzfjcvSpMEkW91 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGPPlRJbrgJ9aZCQqEUI691u5MyF_9ggIKrJDRz3OJnOO8EMV4miGkcRfF7O8R4VRnyJGjDI_1-QluUkVKBzfjcvSpMEkW91

Request Chain 544

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIjVwys9dnRFRpUNjY0Ynd8&google_cver=1&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6rMMa1eKlykuFVVpSckUpkrof8N7PBrDM7ttCCvvQ8TtU HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6rMMa1eKlykuFVVpSckUpkrof8N7PBrDM7ttCCvvQ8TtU&google_gid=CAESEIjVwys9dnRFRpUNjY0Ynd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU1ODExNTI1ODMyNzQxNjEzODYyNQ%3D%3D&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6rMMa1eKlykuFVVpSckUpkrof8N7PBrDM7ttCCvvQ8TtU

Request Chain 546

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJsEuzS1yV7wnCXJpkMfNfE2w HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHNjqDo9NaqZt8YGFMh2OhI%26google_cver%3D1%26google_push%3DATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJsEuzS1yV7wnCXJpkMfNfE2w HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A7818322809194813312&exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJsEuzS1yV7wnCXJpkMfNfE2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4MTgzMjI4MDkxOTQ4MTMzMTI&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJsEuzS1yV7wnCXJpkMfNfE2w

Request Chain 548

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGMY8ghtrFuTYK4JHarIw-0&google_cver=1&google_push=ATf1kGOIfrOZxv-Kfizvn0vVqvjdMnh8KKVzVqRvtcZ8_rlp33y6QgqEff11lemESdSQIZOfOUjjDHV-J3UydL6L1M6-3eguopoafA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OTYwNDljMWItNDQwYS00NzNlLWExOTYtNTgzNTA2NjcxYWNk&google_push=ATf1kGOIfrOZxv-Kfizvn0vVqvjdMnh8KKVzVqRvtcZ8_rlp33y6QgqEff11lemESdSQIZOfOUjjDHV-J3UydL6L1M6-3eguopoafA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 557

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841

Request Chain 558

https://match.adsrvr.org/track/cmf/openx?oxid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=

Request Chain 560

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1

Request Chain 577

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUqx6qsgBa

Request Chain 579

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=e5fufkphy0lk

Request Chain 581

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 583

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

Request Chain 584

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 585

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbYSSSVgjVnaSbVVT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbYSSSVgjVnaSbVVT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

Request Chain 586

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687751756189 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3348667192 HTTP 302
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D HTTP 302
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

Request Chain 588

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD423BBAA38141F985F3DA759A9DEA53&gdpr=0&gdpr_consent=

Request Chain 590

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 591

https://pixel.onaudience.com/?partner=214&mapped=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a3b60065c433c383/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=138885ac5e081557 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a8ac3d4d-87d7-4f06-4c69-6ba801c2667f&reqId=3ae5d74a-7cb8-4cc5-6494-36e858e887be&zcluid=138885ac5e081557&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHR6g7qzvUwnsHEwH_j1vW4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a8ac3d4d-87d7-4f06-4c69-6ba801c2667f&reqId=3ae5d74a-7cb8-4cc5-6494-36e858e887be&zcluid=138885ac5e081557&zdid=1332

Request Chain 592

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=

Request Chain 593

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:33646a60-a0e0-48bc-acf9-e332e5974af6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 594

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=731412336073080856

Request Chain 597

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 598

https://pixel.onaudience.com/?partner=214&mapped=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0e548bed4a7d0c1f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=74ab22c3875bcc54

Request Chain 600

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=

Request Chain 601

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUhZt7UgAn

Request Chain 603

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4d0ab125-1d2f-495a-834a-264dbef3e17e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 604

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kpaeefqc7wtk

Request Chain 606

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 608

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

Request Chain 609

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 610

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbYSSSVgjVnaSbVVT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbYSSSVgjVnaSbVVT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

Request Chain 611

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687751756189 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=8944876365 HTTP 302
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D HTTP 302
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

Request Chain 613

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=762049451042691692

Request Chain 614

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5E559732D1B34DA098A357D5B454401E&gdpr=0&gdpr_consent=

Request Chain 618

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 619

https://pixel.onaudience.com/?partner=214&mapped=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=138885ac5e081557/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver

Request Chain 621

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=

Request Chain 622

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUrCqqsQBa

Request Chain 624

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a4def9fa-76ee-464c-9d3b-a544bf32ab96&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 625

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a6tml745w70l

Request Chain 627

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 629

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

Request Chain 630

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 631

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbYSSSVgjVnaSbVVT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbYSSSVgjVnaSbVVT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

Request Chain 632

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687751756189 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3315769291 HTTP 302
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D HTTP 302
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

Request Chain 634

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8118729449218215871

Request Chain 635

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3C7ADA27E19747F19F42274F7BBBD430&gdpr=0&gdpr_consent=

Request Chain 668

https://ads.stickyadstv.com/user-matching?id=3570&gdpr=gdpr=0&&gdpr_consent= HTTP 302
https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=40702615c8b07bf058df622541201fb4&gdpr_consent=&gdpr=gdpr%3D0

Request Chain 669

https://sync.1rx.io/usersync2/rmpssp?sub=taboola HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=taboola&zcc=1&cb=1687751756190 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1455450389 HTTP 302
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D HTTP 302
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

694 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.sanook.com/women/220941/
Redirect Chain

https://www.sanook.com/home/25321/
https://www.sanook.com/women/220941/

276 KB
47 KB

360ms
360ms

Document
text/html

203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

9f48a628f00097f08cc08db80935c0d88a744f32ed5db43c88d27ba81a3e99d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Jun 2023 03:55:44 GMT
Proxy-Cache-Status: MISS
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

Redirect headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Length: 58
Content-Type: text/plain; charset=utf-8
Date: Mon, 26 Jun 2023 03:55:44 GMT
Location: https://www.sanook.com/women/220941/
Proxy-Cache-Status: MISS
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: User-Agent, Accept-Encoding
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ 1 KB
741 B 1307ms
224ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 05:04:19 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 May 2018 08:30:09 GMT
server: Lego Server
age: 0
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4393203388682896627
accept-ranges: bytes
content-length: 550
expires: Fri, 14 Jul 2023 05:04:19 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 126 KB
41 KB 503ms
216ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 27 Jun 2023 03:55:45 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ 375 B
617 B 760ms
142ms Script
application/javascript 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:44:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 28 Nov 2013 06:56:15 GMT
server: Lego Server
age: 1501638
etag: "5296e90f-177"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15447746580313239477
accept-ranges: bytes
content-length: 266
expires: Sun, 25 Jun 2023 08:44:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
73 KB 435ms
151ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a18821c1ae205190b65c272d41afadfa095148f5459721dd62f833e473f35aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74454
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 03:55:45 GMT

GET
H2 200 d0004449.js Show response
lvs2.truehits.in.th/dataa/ 9 KB
9 KB 977ms
328ms Script
application/x-javascript 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 87bf38e637a4b0c69d9a299cdadf28ee022b1fa73041d49ef9fc0d0a2e3bec6c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:45 GMT
last-modified: Thu, 22 Jun 2023 07:02:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=604800
content-length: 8719
expires: Mon, 3 Jul 2023 3:55:45 GMT

GET
H/1.1 200
OK a102.js Show response
sal.isanook.com/js/ 23 KB
10 KB 3253ms
316ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Aug 2020 09:23:14 GMT
Server: nginx
ETag: W/"5f311202-5de3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 26 Jul 2023 03:55:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 112 KB
29 KB 432ms
139ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 03:55:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28307
x-xss-protection: 0
pragma: public
x-fb-debug: U7gFmf9hGPrXUOuG01ptCRC69c6YaL6SgSP2EDsknNM5ivv3YI2/d7AihRSps4E8pY7Jr0Gi1s3n/rWxNcxkHA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bc1a5e788a33746f4adc.css
s.isanook.com/sr/0/_next/static/css/ 42 KB
9 KB 1190ms
131ms Stylesheet
text/css 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/bc1a5e788a33746f4adc.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 05:08:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 09 Jun 2023 10:07:27 GMT
server: Lego Server
age: 0
etag: W/"6482f9df-a6ad"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 16580693918030419689
accept-ranges: bytes
content-length: 8901
expires: Wed, 12 Jul 2023 05:08:20 GMT

GET
H2 200 1216-75cdf64a6bee3b4a0f08.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 7 KB
3 KB 1064ms
225ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 20:04:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 13 Jun 2023 06:22:51 GMT
server: Lego Server
age: 0
etag: W/"64880b3b-1ad7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 13953862567853135809
accept-ranges: bytes
content-length: 2537
expires: Fri, 14 Jul 2023 20:04:42 GMT

GET
H2 200 617-5cad0d06573dab8c8b0a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
5 KB 1053ms
214ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/617-5cad0d06573dab8c8b0a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 07:46:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:38 GMT
server: Lego Server
age: 0
etag: W/"648a7d32-3fa3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12200032528173266327
accept-ranges: bytes
content-length: 4581
expires: Sat, 15 Jul 2023 07:46:27 GMT

GET
H2 200 5886-0250f3a1d32ffcdd3e37.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 80 KB
26 KB 1064ms
225ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5886-0250f3a1d32ffcdd3e37.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 15:57:26 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-14109"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 4272090438265820607
accept-ranges: bytes
content-length: 26131
expires: Mon, 17 Jul 2023 15:57:26 GMT

GET
H2 200 5616-5f8425f3631c502b5b56.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
3 KB 738ms
225ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 05:46:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-2370"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 9098105718605662240
accept-ranges: bytes
content-length: 3081
expires: Tue, 18 Jul 2023 05:46:13 GMT

GET
H2 200 4883-eaa47998e430c5efe9d8.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 80 KB
24 KB 150ms
141ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/4883-eaa47998e430c5efe9d8.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 661b4395fdf6481afb7d43aab2fb0eb3eee2a2c8efe620a6a8ccccf01bcd90c5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 04:19:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-13e58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4313882663292495917
accept-ranges: bytes
content-length: 24427
expires: Thu, 20 Jul 2023 04:19:13 GMT

GET
H2 200 5884-96c7c5b8d105dc707520.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 142ms
133ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5884-96c7c5b8d105dc707520.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 05:55:31 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 09 Jun 2023 10:07:26 GMT
server: Lego Server
age: 1142605
etag: W/"6482f9de-35e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 10668770383200449119
accept-ranges: bytes
content-length: 4464
expires: Wed, 12 Jul 2023 00:32:08 GMT

GET
H2 200 7904.67e2aa2dfa45ebf80dcc.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 10 KB
4 KB 150ms
142ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7904.67e2aa2dfa45ebf80dcc.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f1e3d93c70524fde72b4aa58a5581719ed2953f8fc64ec5a103bea40fc11fee5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 19:30:03 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-265c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6639349873952172055
accept-ranges: bytes
content-length: 3486
expires: Sat, 15 Jul 2023 19:30:03 GMT

GET
H2 200 2182-c812998b9bfd40b7bc57.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 150ms
142ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2182-c812998b9bfd40b7bc57.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:51:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 18 May 2023 02:38:19 GMT
server: Lego Server
age: 2198269
etag: W/"64658f9b-39ae"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 67631181987344351
accept-ranges: bytes
content-length: 3109
expires: Sat, 17 Jun 2023 07:14:09 GMT

GET
H2 200 7634-9c48588a06a20cc2cfaa.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 150ms
142ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7634-9c48588a06a20cc2cfaa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 20:04:43 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 13 Jun 2023 06:22:49 GMT
server: Lego Server
age: 578958
etag: W/"64880b39-371e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14559549366246733349
accept-ranges: bytes
content-length: 2599
expires: Wed, 14 Jun 2023 20:04:44 GMT

GET
H2 200 1574-49fbeedfa20dd915de79.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 17 KB
4 KB 150ms
141ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1574-49fbeedfa20dd915de79.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3009935cba76944c4d42291b3db5c07f521b3b4e80ffac3295ce76fb57d52d91

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 09:06:17 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 08 Jun 2023 05:08:07 GMT
server: Lego Server
age: 960692
etag: W/"64816237-45f8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6689039327951186431
accept-ranges: bytes
content-length: 3887
expires: Sat, 08 Jul 2023 09:06:17 GMT

GET
H2 200 6584-447a1b16d42a2945b19a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 20 KB
5 KB 201ms
193ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6584-447a1b16d42a2945b19a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f51d2ba38480066c4deff4b8d84389d977c9e39d852160a3d8c21f5bf70ef58

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 19:30:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-4e14"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8130214697473870185
accept-ranges: bytes
content-length: 4860
expires: Sat, 15 Jul 2023 19:30:02 GMT

GET
H2 200 930-d28b6a360e225517874b.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 51 KB
8 KB 193ms
185ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/930-d28b6a360e225517874b.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0dd8fc60dd2b16b2caa3910eb6e7f9f539f749e895ae41c101fa2c3d6d7106d7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:26:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 21 Jun 2023 07:17:22 GMT
server: Lego Server
age: 0
etag: W/"6492a402-cb98"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11253197925135430097
accept-ranges: bytes
content-length: 8187
expires: Fri, 21 Jul 2023 08:26:27 GMT

GET
H2 200 7227-51d632e8e233a60727f0.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 36 KB
9 KB 203ms
195ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7227-51d632e8e233a60727f0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d27a8af1af6f6d6e1e029e12eccb095a262be96563c9a42f96622593ee5a1a17

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:25:32 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 31 May 2023 10:37:53 GMT
server: Lego Server
age: 976670
etag: W/"64772381-8fb8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 12842643483650166710
accept-ranges: bytes
content-length: 8622
expires: Thu, 06 Jul 2023 02:07:43 GMT

GET
H2 200 8513-44b99275bec71ef8fa4b.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 62 KB
10 KB 202ms
194ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8513-44b99275bec71ef8fa4b.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3ed6172c57461534660b5435664ff1a82c954872daf7c3e79edd7ac8d6e78436

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:39:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 13 Jun 2023 06:22:49 GMT
server: Lego Server
age: 840303
etag: "64880b39-f890"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15629294222159979770
accept-ranges: bytes
content-length: 10456
expires: Thu, 13 Jul 2023 10:39:46 GMT

GET
H2 200 1341.1edfbe3884df9fec9e57.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 183 KB
35 KB 203ms
195ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1341.1edfbe3884df9fec9e57.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 868acca2855c9426e8ee404b075c5748bffdf548464fa4229b46eb7ddbe6130c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 187186
server: Lego Server
age: 10
etag: W/"64950480-2db32"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 9292679487231065717
accept-ranges: bytes
content-length: 35224
expires: Sun, 23 Jul 2023 03:21:40 GMT

GET
H2 200 2043.be10e3e5f3854c874df3.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
4 KB 203ms
194ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2043.be10e3e5f3854c874df3.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:45:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 30 May 2023 02:41:01 GMT
server: Lego Server
age: 2165643
etag: W/"6475623d-4005"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 5408043193822433686
accept-ranges: bytes
content-length: 3918
expires: Thu, 29 Jun 2023 04:11:23 GMT

GET
H2 200 1494.ee80947318c66a85d091.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 191 KB
32 KB 204ms
195ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1494.ee80947318c66a85d091.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ba6196c4a159b1b4c99756302bdf508b864a53e962b4c819fd5a8b2daa5f1149

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 195312
server: Lego Server
age: 0
etag: W/"64950480-2faf0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 14043661283722855068
accept-ranges: bytes
content-length: 32236
expires: Sun, 23 Jul 2023 03:21:40 GMT

GET
H2 200 webpack-85ef46c5ff52500835f2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
5 KB 290ms
282ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a0c71cb2232ffdde95f07b0f6e9a794907328f3f27688ebc789dc1d727f534d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 9093
server: Lego Server
age: 0
etag: W/"6495047f-2385"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6393029109366687575
accept-ranges: bytes
content-length: 4523
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 framework-bccd505f411f10b308c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 147 KB
45 KB 203ms
195ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 19:10:59 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Mon, 22 May 2023 07:38:14 GMT
server: Lego Server
age: 1702601
etag: W/"646b1be6-24b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 8689863821987193022
accept-ranges: bytes
content-length: 45781
expires: Fri, 23 Jun 2023 02:14:19 GMT

GET
H2 200 main-bcf4d111f618a82e6a4e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 75 KB
24 KB 204ms
196ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/main-bcf4d111f618a82e6a4e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:19:53 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:38 GMT
server: Lego Server
age: 0
etag: "648a7d32-12af2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12346178511600783606
accept-ranges: bytes
content-length: 23884
expires: Sat, 15 Jul 2023 12:19:53 GMT

GET
H2 200 _app-728bf3a5f2152c8da774.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/ 551 KB
158 KB 291ms
283ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f6b2106e1aeb9eb001b22d996135eacf9b6e9d630e0dc80eeb456bcbe0eebe60

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:11 GMT
server: Lego Server
age: 0
etag: W/"64950467-89d06"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15277477658754313102
accept-ranges: bytes
content-length: 161703
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 7918-3bbc8a6036bbcdb09d83.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
8 KB 291ms
283ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7918-3bbc8a6036bbcdb09d83.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 09:43:41 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 13 Jun 2023 06:22:50 GMT
server: Lego Server
age: 0
etag: "64880b3a-7567"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13469254246181309094
accept-ranges: bytes
content-length: 7717
expires: Fri, 14 Jul 2023 09:43:41 GMT

GET
H2 200 8229-a3ffb213d38ea4b85bad.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
7 KB 342ms
334ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8229-a3ffb213d38ea4b85bad.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:28:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:36 GMT
server: Lego Server
age: 0
etag: W/"648a7d30-7506"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4534278595189449694
accept-ranges: bytes
content-length: 6889
expires: Sat, 15 Jul 2023 09:28:46 GMT

GET
H2 200 9669-b56602280eb9384c191d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 291ms
283ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 15:57:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:36 GMT
server: Lego Server
age: 2
etag: W/"648a7d30-35e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6563670844023125053
accept-ranges: bytes
content-length: 4715
expires: Sat, 17 Jun 2023 15:57:35 GMT

GET
H2 200 1354-e6e263fd45386d27bc3d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 50 KB
16 KB 344ms
336ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:57:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-c680"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12917470682973421523
accept-ranges: bytes
content-length: 16570
expires: Wed, 19 Jul 2023 11:57:46 GMT

GET
H2 200 2962-603a28e62dde6ed2aedb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
3 KB 295ms
287ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 19:20:32 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-2ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 7144678098486355534
accept-ranges: bytes
content-length: 2738
expires: Sun, 18 Jun 2023 19:20:43 GMT

GET
H2 200 9047-2d652cafc35943e20d62.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
5 KB 291ms
283ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9047-2d652cafc35943e20d62.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 05:04:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 13 Jun 2023 06:22:49 GMT
server: Lego Server
age: 0
etag: "64880b39-38a5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11246546919594655934
accept-ranges: bytes
content-length: 4475
expires: Fri, 14 Jul 2023 05:04:20 GMT

GET
H2 200 3253-079293c535abc2a452b6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 22 KB
7 KB 200ms
192ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3253-079293c535abc2a452b6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:14:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-57ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14227750487644252696
accept-ranges: bytes
content-length: 6481
expires: Wed, 19 Jul 2023 08:14:13 GMT

GET
H2 200 1350-ccbe2b949cfdea577ff1.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
5 KB 291ms
283ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1350-ccbe2b949cfdea577ff1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 06:39:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 26711
etag: W/"648a7d31-3614"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1759986184084815340
accept-ranges: bytes
content-length: 4649
expires: Sun, 16 Jul 2023 06:39:33 GMT

GET
H2 200 7754-d32784ee1900caafa06f.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 5 KB
2 KB 344ms
336ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7754-d32784ee1900caafa06f.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 350561b966752ef570c416aa9bd649dcc3c7b903fd5ba20c9375c7a713ef0d25

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:57:48 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: "648a7d31-130d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13011359267967161811
accept-ranges: bytes
content-length: 2221
expires: Wed, 19 Jul 2023 11:57:48 GMT

GET
H2 200 2930-e57bfc69aee05a2179a5.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 204 KB
27 KB 342ms
334ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2930-e57bfc69aee05a2179a5.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 55bbfc861e7a701243f51f7e35b254b20ec854f162f6f9d37e68a75f90dfcbc8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:30:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 209275
server: Lego Server
age: 1
etag: W/"6492a402-3317b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 12759412889245579955
accept-ranges: bytes
content-length: 27887
expires: Fri, 21 Jul 2023 07:28:20 GMT

GET
H2 200 2996-02c93ea9f8ef187330a7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 92 KB
17 KB 342ms
335ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2996-02c93ea9f8ef187330a7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:04:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-16f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4102585785696295704
accept-ranges: bytes
content-length: 16728
expires: Sun, 16 Jul 2023 14:04:49 GMT

GET
H2 200 7263-a62ce33231ab5ee8cb0d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 197 KB
43 KB 343ms
336ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7263-a62ce33231ab5ee8cb0d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b60ab41fb92e80bb9abd19bead792c4276a9a738adeaa23fafabcc875cf5f5f0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: W/"64950480-31365"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 371553151706050358
accept-ranges: bytes
content-length: 44180
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 3316-c2db2abb0c275a7040e2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
4 KB 343ms
335ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 14:28:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 11:27:45 GMT
server: Lego Server
age: 0
etag: "6492deb1-4663"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5163505066377761624
accept-ranges: bytes
content-length: 4351
expires: Sat, 22 Jul 2023 14:28:25 GMT

GET
H2 200 5269-1d0561d680f1a96c6cdf.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 239 KB
19 KB 343ms
335ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5269-1d0561d680f1a96c6cdf.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f3d9ef2604c7f5133d7096b134f0c873884577caf93cf6bc16833050afea301d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 07:09:41 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-3bb4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 5522760753685172307
accept-ranges: bytes
content-length: 19114
expires: Mon, 24 Jul 2023 07:09:42 GMT

GET
H2 200 9063-6e02c0a21aa2efaf0666.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
4 KB 294ms
286ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9063-6e02c0a21aa2efaf0666.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 75211e639a6f958dbd73ff9d849f26e9dec1f621659360882f76dbb4a50bc503

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 19:30:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-2e81"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 561671053417732242
accept-ranges: bytes
content-length: 3778
expires: Sat, 15 Jul 2023 19:30:27 GMT

GET
H2 200 1145-33095e92bfe999492f55.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 21 KB
6 KB 344ms
336ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1145-33095e92bfe999492f55.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 69651768c0ed318d4a7feb3157ba5687433728fff0cb61f4ebd737142bcd8132

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 08:44:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-54ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14630838581166037442
accept-ranges: bytes
content-length: 5653
expires: Mon, 24 Jul 2023 08:44:46 GMT

GET
H2 200 entry-d357a1e9362d47394e70.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 47 KB
11 KB 294ms
287ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/common/entry-d357a1e9362d47394e70.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4a80b29c03942c5e6681b13019cc4d4fe2ea05e12038fda0e030b680ddbfdc1a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 47656
server: Lego Server
age: 0
etag: W/"64950480-ba28"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 12590534848106248704
accept-ranges: bytes
content-length: 10835
expires: Sun, 23 Jul 2023 03:21:40 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/ 22 KB
6 KB 199ms
192ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a1187a2df40326dac6994a12cc15f688ad94218b7d971c1722e645ed8bc5bb21

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 22689
server: Lego Server
age: 0
etag: W/"64950468-58a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15013776381151713766
accept-ranges: bytes
content-length: 5787
expires: Sun, 23 Jul 2023 03:21:40 GMT

GET
H2 200 _ssgManifest.js Show response
s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/ 77 B
235 B 342ms
335ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/_ssgManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:12 GMT
server: Lego Server
age: 0
etag: "64950468-4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16920291672514959550
accept-ranges: bytes
content-length: 77
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 43 B
220 B 230ms
143ms Image
image/gif 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 01:10:31 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 08 Feb 2011 09:07:23 GMT
server: Lego Server
age: 0
etag: "4d5107cb-2b"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8420200143221543669
accept-ranges: bytes
content-length: 43
expires: Sat, 22 Jul 2023 01:10:31 GMT

GET
H2 200 ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 352ms
200ms Image
image/png 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 15:14:33 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:48 GMT
server: Lego Server
age: 0
etag: "648a7d3c-b1f"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 5970069924668255202
accept-ranges: bytes
content-length: 2847

GET
H2 200 joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 1 KB
735 B 352ms
200ms Image
image/svg+xml 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 08:35:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:48 GMT
server: Lego Server
age: 0
etag: W/"648a7d3c-4e7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 9176312278257496406
accept-ranges: bytes
content-length: 548
expires: Thu, 20 Jul 2023 08:35:40 GMT

GET
H2 200 wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 7 KB
2 KB 296ms
144ms Image
image/svg+xml 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 19:46:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 15 Jun 2023 02:53:48 GMT
server: Lego Server
age: 0
etag: W/"648a7d3c-1a5b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 7542074331670688772
accept-ranges: bytes
content-length: 1827
expires: Tue, 18 Jul 2023 19:46:23 GMT

GET
H2 200 wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 297ms
145ms Image
image/png 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 10:49:02 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:52 GMT
server: Lego Server
age: 0
etag: "64950490-bec"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 8619034661982290197
accept-ranges: bytes
content-length: 3052

GET
H2 200 pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
2 KB 297ms
145ms Image
image/png 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 23:52:38 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:48 GMT
server: Lego Server
age: 0
etag: "648a7d3c-8c6"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 10856875068556054894
accept-ranges: bytes
content-length: 2246

GET
H2 200 220941-thumbnail.jpg
s.isanook.com/wo/0/ud/44/220941/ 39 KB
39 KB 775ms
623ms Image
image/webp 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/220941/220941-thumbnail.jpg?ip/crop/w728h437/q80/webp

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d1b3f666dc137b2e28d18ce5dc569c442fd005f030b8ee12134d236d8a51b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Miss, Hit From Inner Cluster, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
content-type: image/webp
x-nws-log-uuid: 1880898587524314800
accept-ranges: bytes
content-length: 39764

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0My1lNzNiNGIyLmpwZw==.jpg
s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/ 80 KB
81 KB 586ms
579ms Image
image/jpeg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0My1lNzNiNGIyLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 133c876619684ced5951e6115df5ad49cd2ec351511f2c5368f3991205e78ef7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
x-cache-lookup: Cache Miss, Hit From Inner Cluster, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7263144199185294012
accept-ranges: bytes
expires: Wed, 26 Jul 2023 03:55:46 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NC0zNDgxMGJiLmpwZw==.jpg
s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/ 19 KB
20 KB 568ms
561ms Image
image/jpeg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NC0zNDgxMGJiLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6796916c129546cfb332437c7ecbba347ec10e8e0c086101107c9cc2297c321d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
x-cache-lookup: Cache Miss, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9937830095667435750
accept-ranges: bytes
content-length: 19850
expires: Wed, 26 Jul 2023 03:55:46 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NC0xYzUwNzUwLmpwZw==.jpg
s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/ 77 KB
78 KB 576ms
569ms Image
image/jpeg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NC0xYzUwNzUwLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c4ff6636ff9ebc83840d06ac0544dc0bf708b851050b9b953d47c5bc2016b63

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
x-cache-lookup: Cache Miss, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 10566683332332049118
accept-ranges: bytes
expires: Wed, 26 Jul 2023 03:55:46 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NC01YWNkZmQ4LmpwZw==.jpg
s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/ 36 KB
36 KB 1607ms
1600ms Image
image/jpeg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NC01YWNkZmQ4LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0cc22e22c095d1f43354a15286ed3290122650402c216bba29192c0301a4dccd

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:47 GMT
x-cache-lookup: Cache Miss, Hit From Inner Cluster, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6120332375829937797
accept-ranges: bytes
expires: Wed, 26 Jul 2023 03:55:47 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NS0xYzkxYmI4LmpwZw==.jpg
s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/ 38 KB
39 KB 621ms
614ms Image
image/jpeg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/wo/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL3dvLzAvdWQvNDQvMjIwOTQxLzIyMDk0MS0yMDIyMTIyNDAxMzM0NS0xYzkxYmI4LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 67e5f95bc71c04605497d7ad18d807ce7464dc4ac413a89bf72f9214c1d03ba9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
x-cache-lookup: Cache Miss, Hit From Inner Cluster, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7814886911954848068
accept-ranges: bytes
expires: Wed, 26 Jul 2023 03:55:46 GMT

GET
H2 200 sanook_70x200.jpg
s.isanook.com/wo/0/uc/0/1441/ 8 KB
8 KB 402ms
396ms Image
image/jpeg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/wo/0/uc/0/1441/sanook_70x200.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 49df687aafbcd68fee44ebf3a5d015dbc1249dc10a6af49e4b014dbf81c69aca

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:22:51 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 Oct 2019 17:10:50 GMT
server: Lego Server
age: 0
etag: "5da74f1a-215a"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 2620163538491017824
accept-ranges: bytes
content-length: 8538

GET
H2 200 winner_banner_read.png
s.isanook.com/sr/0/images/event-banner/2023/hbdproject/july/ 80 KB
80 KB 372ms
365ms Image
image/png 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/event-banner/2023/hbdproject/july/winner_banner_read.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ed53ed7e8cca61c3ec4d4cf06ff4d87a8d6ad73479289a9dae93b16c5add4208

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 09:00:09 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:57 GMT
server: Lego Server
age: 0
etag: "64950495-13ee8"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 6144020371828424188
accept-ranges: bytes
content-length: 81640

GET
H2 200 216489-thumbnail.jpg
s.isanook.com/wo/0/ud/43/216489/ 17 KB
18 KB 508ms
502ms Image
image/jpg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/43/216489/216489-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

c5abf2464a853ab4c67c11f6e8d2d0967af237baa734ded483479e05e2fdcbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:51:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 16267889076027787696
accept-ranges: bytes
content-length: 17838

GET
H2 200 tnw7.jpg
s.isanook.com/wo/0/ud/46/232117/ 18 KB
18 KB 650ms
643ms Image
image/jpg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/46/232117/tnw7.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

3b3ecb9e5dbe85c40c435f18a9cc83aca35c252b02f31b12718e8089444d3041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Miss, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 5350587218974842369
accept-ranges: bytes
content-length: 18774

GET
H2 200 228317-thumbnail.jpg
s.isanook.com/wo/0/ud/45/228317/ 19 KB
19 KB 1551ms
1544ms Image
image/jpg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/45/228317/228317-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

033cbccbd3f7efaf55b2cbd9418ba13d4a469247ba5db6d87cfdc8596057218c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:51:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit, Hit From Inner Cluster, Cache Miss
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 1985364839463147910
accept-ranges: bytes
content-length: 19599

GET
H2 200 221645-thumbnail.jpg
s.isanook.com/wo/0/ud/44/221645/ 17 KB
17 KB 516ms
510ms Image
image/jpg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/44/221645/221645-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d97959b503be6478020f470986662db8b786ea2491ec991e652b1f37611fbb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:54:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit, Hit From Inner Cluster, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 5809304432106043249
accept-ranges: bytes
content-length: 17757

GET
H2 200 227117-thumbnail.jpg
s.isanook.com/wo/0/ud/45/227117/ 19 KB
20 KB 518ms
512ms Image
image/jpg 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/wo/0/ud/45/227117/227117-thumbnail.jpg?ip/crop/w350h197/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

caf5d51717c7d26c09bd92bea1d285ac2ec534f33ca708e28fdebb51fa895c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:51:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit, Cache Miss, Hit From Inner Cluster
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 5294081303758673030
accept-ranges: bytes
content-length: 19906

GET
H2 200 candyblast_3.png
s.isanook.com/sr/0/images/game/gamecenter/ 185 KB
186 KB 371ms
364ms Image
image/png 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/game/gamecenter/candyblast_3.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3eda6d9d9ce8d34aeae4ef396eee0d3a79569b5527136de05938e3ff2f470093

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 09:55:19 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:51 GMT
server: Lego Server
age: 0
etag: "6495048f-2e5d7"
content-type: image/png
x-nws-log-uuid: 17236882748556284289
accept-ranges: bytes
content-length: 189911

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ 537 B
558 B 168ms
143ms Script
application/javascript 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:06:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 17 May 2017 08:37:40 GMT
server: Lego Server
age: 0
etag: "591c0bd4-219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14156339849286260281
accept-ranges: bytes
content-length: 363
expires: Wed, 19 Jul 2023 10:06:39 GMT

GET
H2 200 db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js Show response
s.isanook.com/sr/0/js/izooto/ 209 KB
54 KB 372ms
366ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:10:10 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 11:28:14 GMT
server: Lego Server
age: 0
etag: "6492dece-34574"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 8778718204969910708
accept-ranges: bytes
content-length: 55174
expires: Fri, 21 Jul 2023 19:10:10 GMT

GET
H2 200 1489944661112333 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 140ms
140ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

1b8ae9585b6cf1b2e44f3326f61905d2dcff7f35a7a31b7334f800ad6367b8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 03:55:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88179
x-xss-protection: 0
pragma: public
x-fb-debug: pBqedMU/oDfk3fR6BuxOOVPEaUcqgGIBrbbGnXS2iQG8kHBmx00NUo8RrtwFM50MlhkfzDBhQWJp6Z2+zQ1n3g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo-sanook-n.svg
s.isanook.com/sr/0/images/ 11 KB
4 KB 351ms
200ms Image
image/svg+xml 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 04:17:03 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:51 GMT
server: Lego Server
age: 67975
etag: W/"648a7d3f-2b18"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 8625916526942284864
accept-ranges: bytes
content-length: 4394
expires: Wed, 19 Jul 2023 04:17:03 GMT

GET
H2 200 prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 398ms
131ms Font
font/woff2 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 05:12:22 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:39 GMT
server: Lego Server
age: 0
etag: "64950483-c8dc"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 18397871542740889716
accept-ranges: bytes
content-length: 51420
expires: Sun, 23 Jul 2023 05:12:22 GMT

GET
H2 200 new.png
s.isanook.com/sr/0/images/game/ 4 KB
4 KB 371ms
365ms Image
image/png 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/game/new.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 92b90e6df7c880e709cfd70ad4e659609d5a1b898674fb8dd371083f790ba404

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 08:56:51 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:48 GMT
server: Lego Server
age: 0
etag: "648a7d3c-1052"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 11608989066296943069
accept-ranges: bytes
content-length: 4178

GET
H2 200 SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
31 KB 396ms
133ms Font
application/octet-stream 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 03:11:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 11:27:48 GMT
server: Lego Server
age: 0
etag: W/"6492deb4-7a90"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 9970771467666369239
accept-ranges: bytes
content-length: 31404
expires: Sat, 22 Jul 2023 03:11:02 GMT

GET
H2 200 prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 52 KB
52 KB 395ms
132ms Font
application/octet-stream 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:10:57 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:40 GMT
server: Lego Server
age: 0
etag: W/"648a7d34-cf40"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 9463108820556932434
accept-ranges: bytes
content-length: 53090
expires: Wed, 19 Jul 2023 08:10:57 GMT

GET
H2 200 prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 394ms
132ms Font
font/woff2 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 03:24:20 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 26 May 2023 02:49:41 GMT
server: Lego Server
age: 2122589
etag: "64701e45-c930"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 967938807798275280
accept-ranges: bytes
content-length: 51504
expires: Sun, 25 Jun 2023 03:24:20 GMT

GET
H2 200 SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
32 KB 605ms
343ms Font
font/woff2 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 20:49:55 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:41 GMT
server: Lego Server
age: 77764
etag: "648a7d35-7df4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 13363013944263931181
accept-ranges: bytes
content-length: 32244
expires: Tue, 18 Jul 2023 20:49:55 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 125 KB
48 KB 432ms
140ms Script
application/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Google Tag Manager /

Resource Hash

79a0cf058d11a697f716f09dd18abfec136ee0186f685d5eba18a749414f2b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49217
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 03:55:46 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ 3 KB
2 KB 452ms
154ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1687751745775&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&bttype=purchase&auid=1312455546.1687751746&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8e4d51d6651548519f3558d43cef1f72038b61c3677e3b9a91d5e2a0f7d46846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 3 KB
2 KB 445ms
151ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1687751745784&cv=11&fst=1687751745784&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&auid=1312455546.1687751746&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

dde7da8fbaf28eb013abd531ee731dd926cf260ae671432733fee5ad7fb24c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1378
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 414ms
134ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 01:20:21 GMT
content-encoding: gzip
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 9328
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: dVfURSZLX_KpHu2sacA-afVqfpXx41sOTHKVwyiPF5O3bgap80_KwQ==

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ 8 KB
4 KB 415ms
137ms Script
application/javascript 2.22.155.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.22.155.137 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-137.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.20.2
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1290932
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3217
Expires: Tue, 11 Jul 2023 02:31:18 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 407ms
134ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rl=&if=false&ts=1687751745902&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687751745900.417076920&it=1687751745624&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Jun 2023 03:55:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 goggen.php
lvs2.truehits.in.th/ 91 B
293 B 324ms
319ms Image
image/jpeg 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=s5BFi1xrsu3%2b25kj/Et59w%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=2AFC8DE8.1&fp=d&fv=-&truehitspage=sanook.women.entry&truehitsurl=https%3a//www.sanook.com/women/220941/&async=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:46 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2 200 base-icon-v1.0.45.woff2
s.isanook.com/sr/0/fonts/icon/ 39 KB
40 KB 298ms
298ms Font
font/woff2 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.45.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 14642d9bda67d96a5291f33bb8c703967c8f2ac0214efe41b0c453aaa369cc6e

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 14:22:52 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:39 GMT
server: Lego Server
age: 0
etag: "64950483-9d84"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 10103698602374365941
accept-ranges: bytes
content-length: 40324
expires: Sun, 23 Jul 2023 14:22:52 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 2 MB
238 KB 424ms
136ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 09:15:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=42877
accept-ranges: bytes
content-length: 243421
expires: Mon, 26 Jun 2023 15:50:23 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/408516141/ 42 B
456 B 427ms
146ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1687751745784&cv=11&fst=1687748400000&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&fmt=3&is_vtc=1&random=3659817188&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ge/pagead/1p-user-list/408516141/ 42 B
456 B 448ms
147ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-user-list/408516141/?random=1687751745784&cv=11&fst=1687748400000&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&fmt=3&is_vtc=1&random=3659817188&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.ge/pagead/1p-conversion/1007499765/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.s...
https://www.google.com/pagead/1p-conversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F2...
https://www.google.ge/pagead/1p-conversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F22...

42 B
109 B

146ms
145ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-conversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=1312455546.1687751746&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fMmxoSmNqQk03VmprQ0gxdVdPMUNiQ1pZUER3OU1fc2czNjFLNUdCTHdXLVMweEk2Nzg3RGFQZyITCPG-tZqF4P8CFfTBuwgdkYQAew&is_vtc=1&ocp_id=QgyZZPGVDfSD7_UPkYmC2Ac&cid=CAQSKQBygQiDfU9Qk-cJ9gGg5zZYAUczjjpIChH4b2WQ6H0ERVYgixs_XGvA&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E812QslWknBwktzm68676VRZ_TApWQjEUc&random=804047261&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ge/pagead/1p-conversion/1007499765/?random=38660829&cv=11&fst=1687751745775&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB&value=0&auid=1312455546.1687751746&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fMmxoSmNqQk03VmprQ0gxdVdPMUNiQ1pZUER3OU1fc2czNjFLNUdCTHdXLVMweEk2Nzg3RGFQZyITCPG-tZqF4P8CFfTBuwgdkYQAew&is_vtc=1&ocp_id=QgyZZPGVDfSD7_UPkYmC2Ac&cid=CAQSKQBygQiDfU9Qk-cJ9gGg5zZYAUczjjpIChH4b2WQ6H0ERVYgixs_XGvA&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E812QslWknBwktzm68676VRZ_TApWQjEUc&random=804047261&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame B99B 0
48 B 140ms
140ms Document
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.sanook.com
Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.sanook.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:46 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 405ms
132ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Jun 2023 03:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3065
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 26 Jun 2023 05:04:41 GMT

GET
H2 200 2481.dcf19fe8839f8737d536.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 4 KB
2 KB 131ms
130ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2481.dcf19fe8839f8737d536.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 16:46:58 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-ee2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 9990754839822193027
accept-ranges: bytes
content-length: 1444
expires: Mon, 17 Jul 2023 16:46:58 GMT

GET
H2 200 950.268be4686f34540c2906.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 97 KB
20 KB 134ms
134ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/950.268be4686f34540c2906.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9e06da0bcecb5c3543ff295850c81e14dc9e0b6e28cccf39dae72e88c2ae1a2d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:34:26 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 03:38:59 GMT
server: Lego Server
age: 0
etag: W/"649270d3-18451"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 8276239315604730280
accept-ranges: bytes
content-length: 20211
expires: Fri, 21 Jul 2023 04:34:26 GMT

GET
H2 200 2437.9e6c8584339c5949c677.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 1 KB
1 KB 133ms
133ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2437.9e6c8584339c5949c677.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:23:44 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-586"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7206768755599810634
accept-ranges: bytes
content-length: 791
expires: Sun, 23 Jul 2023 15:23:44 GMT

GET
H2 200 responsive-voice-1.0.3.min.js Show response
s.isanook.com/sr/0/js/voice/ 90 KB
23 KB 132ms
132ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 18:35:41 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 31 May 2023 02:47:41 GMT
server: Lego Server
age: 2032443
etag: W/"6476b54d-16928"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 10097515045034989886
accept-ranges: bytes
content-length: 23390
expires: Fri, 30 Jun 2023 06:01:39 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 139ms
138ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/4883-eaa47998e430c5efe9d8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

a0bbcc76286aa419b503fd81c79af5446beed1056f5f45cfb45dd16dfcb32ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Jun 2023 03:55:46 GMT
content-md5: 5Gcy2YjNsZOrYjb4y3yupw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-debug: NoTekTrvV0LXMs6dhUH85S048EG57pC6psA50/f0+bR1EuqB8y+PCEs4iQs7qSusKjnCMuCa8iK8K4RsFtt/Rg==
x-fb-content-md5: b63d2ae9be0c80e79fd860a0bd2634ae
cross-origin-opener-policy: same-origin-allow-popups
etag: "6f38771845e15dd7272450b63b90a607"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Jun 2023 04:03:01 GMT

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame CF70 236 B
369 B 512ms
512ms Document
text/html 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 214
cache-control: no-cache, max-age=0
content-encoding: gzip
content-length: 192
content-type: text/html
date: Mon, 26 Jun 2023 03:52:12 GMT
server: Lego Server
vary: Accept-Encoding
x-cache-lookup: Cache Miss Hit From Inner Cluster Cache Miss Hit From Inner Cluster
x-nws-log-uuid: 176944839261976015
x-page-speed: 1.13.35.2-0

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 1164ms
308ms Preflight 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getTrendingTags&variables=%7B%22position%22%3A%22HOROSCOPE_ENTRY_DEFAULT_VIDEO%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22fafa2ebba388db4754b1cdb5c5ca17123842d3c2cc2f8ea2e6f1d75377e2179d%22%7D%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Mon, 26 Jun 2023 03:55:47 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/sanook/ 727 KB
63 KB 431ms
185ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/6584-447a1b16d42a2945b19a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a09ab6de3c891e65cadae6800284453d2202c5d3a131ec3d9f61ebd60bc3a00f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3FozrXOVMwj6y.OF8kXUiEgqORmwKGsU
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:47 GMT
x-amz-request-id: MTP96HN9Z4WA26YM
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 12
x-amz-replication-status: FAILED
content-length: 63856
x-amz-id-2: iYp3eZdqvwnxh7cDXILhYBeFLLk27FCMJXidq9s4LjXVH6HnhGad9iVzNcYahQxAXCwKFq1fWY0=
x-served-by: cache-sof1510039-SOF
last-modified: Mon, 26 Jun 2023 03:55:47 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687751747.042018,VS0,VE65
etag: "849a4c2a4d87947707dadf0b31fede921a559d25"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 20
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 141ms
140ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

55e004cc0e3faf943829034280d5c88e393ea5236487f5ed66d68f9d6b1f6f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 03:55:46 GMT

GET
H2 200 abbreviationv2.min.json Show response
s.isanook.com/sr/0/textToSpeech/ 14 KB
3 KB 131ms
131ms XHR
application/json 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/textToSpeech/abbreviationv2.min.json?t=26062023
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 09:00:11 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:34:07 GMT
server: Lego Server
age: 15228
etag: "6495049f-38e8"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17401584565011191887
accept-ranges: bytes
content-length: 2550
expires: Mon, 24 Jul 2023 09:00:11 GMT

GET
H2 200 cookiepolicy.png
s.isanook.com/sr/0/images/ 17 KB
17 KB 131ms
131ms Image
image/png 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 12:00:05 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:47 GMT
server: Lego Server
age: 0
etag: "648a7d3b-428b"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 6213540533829842449
accept-ranges: bytes
content-length: 17035

GET
H/1.1 200
OK sanook_trend Show response
sloth-api.sanook.com/api/ 615 B
997 B 3080ms
320ms XHR
application/json 203.151.130.72
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sloth-api.sanook.com/api/sanook_trend?channel=women&t=468819
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.151.130.72 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 72.130.151.203.sta.inet.co.th
Software: nginx / Express
Resource Hash: e66a14fa0956a877bdd7df2de2e999f15cbbd2533f10ea058bb6adca64ed030c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Response-Time: 2.807ms
Date: Mon, 26 Jun 2023 03:55:49 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"267-wNAcS12kNiCIbXVvMn9fykD/jXg"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 615
Expires: Wed, 26 Jul 2023 03:55:49 GMT

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 701 B
1 KB 312ms
312ms Fetch
application/json 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

8c4b69c824c4178c36992112852830ad02e2a81511f8073d9e1cecc839ffecb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 26 Jun 2023 03:55:48 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
Server: nginx
ETag: W/"2bd-XktoHvinbOpjl6Xz0OAG8yPSPoY"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: HIT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AA77 15 KB
6 KB 440ms
149ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 269777
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687751746981&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%...
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687751746981&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2...

0
226 B

134ms
134ms

Image
text/plain

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687751746981&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:47 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: YRd9Djvbv6hrvsUHvyQIyhBFYnXM52xOh2C31tFugJsDOIumodGJHg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 26 Jun 2023 03:55:47 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687751746981&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&c8=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&c9=
content-length: 0
x-amz-cf-id: ZTGCAIvshJTNRBvP9dJpmlkKcd9RLtltJ9Vmt1yxULBWSq2R9D8aUg==

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame D123 4 KB
1 KB 251ms
90ms Document
text/html 104.18.217.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.217.65 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
age: 1682618
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7dd284440ac02dcd-TBS
content-encoding: br
content-type: text/html
date: Mon, 26 Jun 2023 03:55:47 GMT
expires: Thu, 27 Jul 2023 03:55:47 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 140ms
140ms Script
application/javascript 2.22.155.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.22.155.137 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-137.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2115711
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6412
Expires: Thu, 20 Jul 2023 15:37:38 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 277ms
136ms Script
application/javascript 2.22.155.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.22.155.137 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-137.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.2
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1347180
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Tue, 11 Jul 2023 18:08:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 140ms
139ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1524032784&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ul=en-us&de=UTF-8&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAEK~&jid=1788456868&gjid=1185042925&cid=829687064.1687751747&tid=UA-8147095-6&_gid=1856301452.1687751747&_r=1&_slc=1&gtm=45He36l0n81PNXLXRS&cd1=Sanook%20API&cd2=S!%20Women%20(Rewrite)&cd3=home&cd4=0&cd12=1687751746491.04qbn4z4&cd13=covid-19&cd14=%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19&cd15=220941&cd16=editorial&cd17=2020-05-06&cd18=11%3A36&cd19=S!%20Women%20(Rewrite)&cd21=2491&cd22=women&cd23=readpage&cd33=covid-19%2C%20%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%20pvc%2C%20%E0%B9%80%E0%B8%84%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%A5%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99%2C%20%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99&cd34=article&cd35=S!%20Women%20(Rewrite)&cd36=home&cd43=0&cm5=1&z=170422573

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 6 KB
1021 B 400ms
135ms XHR
application/json 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3254293f9829d2f07914f43cca12765b51a8dd31dbcd6a9efe69f8d8cfbd364

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:47 GMT
content-encoding: gzip
last-modified: Sat, 24 Jun 2023 01:24:38 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: max-age=146592
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 619
expires: Tue, 27 Jun 2023 20:38:59 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 435ms
150ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

18ffd992b267b58bcd693f5dfce5291e28e4ce09e5838be00eb26c6b4ff618a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26457
x-xss-protection: 0
server: cafe
etag: 277 / 19534 / m202306200101 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:47 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 275ms
134ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1826326afd591db354a53ab4d717f14a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

2b2c3c1bb0b2b4146cb2598cf0dd895e0a498d1dd9c3410182442cb12d40df36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Jun 2023 03:55:47 GMT
content-md5: /+KeHgAzqsD0RKbeyNgmgQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88708
x-fb-debug: OcrLgEWDffTiZUOVtyCCM5dkpn8XzVMuF3SZeSy8wSUeOx1DwKzmOVNIrFO9jIfUdf/tJFk7aSfplFRTw9W8Kw==
x-fb-content-md5: 0507fe155049fb18cfa87ad24828c505
cross-origin-opener-policy: same-origin-allow-popups
etag: "bb6caf9216c6394c405e18c2c6704f20"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 25 Jun 2024 03:11:11 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 435ms
141ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je36l0&_p=1524032784&_gaz=1&cid=829687064.1687751747&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&sid=1687751747&sct=1&seg=0&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&en=page_view&_fv=1&_ss=2&ep.content_editor=Sanook%20API&ep.content_source=S!%20Women%20(Rewrite)&ep.content_category=home&ep.user_session_id=1687751746489.cfma8db7&ep.content_tag_primary=covid-19&ep.content_tag_secondary=%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19&ep.content_unique_id=220941&ep.content_editorial_type=editorial&ep.content_publication_date=2020-05-06&ep.content_publication_time=11%3A36&ep.content_partner=S!%20Women%20(Rewrite)&ep.content_number_of_characters=2491&ep.content_channel=women&ep.content_page_format=readpage&ep.content_tags=covid-19%2C%20%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%9E%E0%B8%A5%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%B4%E0%B8%81%2C%20%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%20pvc%2C%20%E0%B9%80%E0%B8%84%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%A5%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99%2C%20%E0%B9%81%E0%B8%95%E0%B9%88%E0%B8%87%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%99&ep.content_type=article&ep.adblock_tracker=false&ep.article_read=1&upn.user_login=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 437ms
149ms Ping
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=829687064.1687751747&gtm=45je36l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ge/ads/ 42 B
108 B 146ms
136ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=829687064.1687751747&gtm=45je36l0&aip=1&z=1876964270

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 426ms
148ms XHR
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=829687064.1687751747&jid=1788456868&gjid=1185042925&_gid=1856301452.1687751747&_u=YEBAAEAAQAAAACAEK~&z=884423217

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

12033e73be050321fdc3d2756f9970c1423c57bd877e8c316cb023b67ecd34df

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Jun 2023 03:55:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
726 B 1510ms
379ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 753df382ba427c4f754970c078708ea6a0f82d711ec5607967cc64a8936b1feb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jun 2023 03:55:48 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame CF70 3 KB
1 KB 143ms
142ms Script
application/javascript 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 776a28e191f05a078df0df129f85d0365d274ac128afd1342265570deac8aaf8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:58:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 3222
server: Lego Server
age: 102305
etag: W/"PSA-aj-UwdRNtHGhk"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 13482339177600833130
accept-ranges: bytes
content-length: 1062
expires: Sat, 15 Jul 2023 18:27:19 GMT

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ 25 KB
10 KB 1083ms
335ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
ETag: W/"5fb26696-62be"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 26 Jul 2023 03:55:48 GMT

GET
H2 200 load.js Show response
pm-widget.taboola.com/sanook/ 4 KB
2 KB 463ms
461ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/sanook/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d2af190c50b253938d0bd45e907ae7981359dc7224bbc020c518d449cadad09

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HOe39fuCUuh9CqTNSdLIDLcVEWV5wEWy
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 26 Jun 2023 03:55:47 GMT
x-amz-request-id: FCFFNQB0KZ1PDTCK
age: 290
x-cache: HIT, HIT
content-length: 1327
x-amz-id-2: YyCFKCQ+UOeEs2dcm/wf1izoIZFlnyNhbZr+vrYtXBlcxEeHJZtkXOqZ/xl3iJKq+X3Xuwd9GKI=
x-served-by: cache-bur-kbur8200067-BUR, cache-sof1510039-SOF
last-modified: Wed, 26 Apr 2023 05:52:19 GMT
server: AmazonS3
x-timer: S1687751747.429767,VS0,VE344
etag: "f22bfee2c00440a2593cbe45676c1fe0"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 impl.20230620-21-RELEASE.js Show response
cdn.taboola.com/libtrc/ 771 KB
161 KB 123ms
123ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230620-21-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0128f335c3135cb6bd02909187da5fd3d91463b5cdc075b093a8a1b02ecd9799

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: V4Ud4L8XYwcpVA5AP270UDNRg3jCnTAV
content-encoding: br
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:47 GMT
x-amz-request-id: CV31CX6P3GPPJAHB
age: 14224
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 164019
x-amz-id-2: A76wP5CWJ7XbyPn5G6a8bYCrB62EAQ3Kbg/BsR42/O6WctuTsWdhaA7/jBbeYVb2cew4og6hDYI=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 21 Jun 2023 15:44:34 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687751747.428748,VS0,VE0
etag: "7b2446c278117819dcb9068bd7cb84f0"
vary: Accept-Encoding
content-type: application/javascript
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 767

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
76 B 206ms
206ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=vis-state-roll-disabled_ctrl
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-sof1510039-SOF
date: Mon, 26 Jun 2023 03:55:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687751747.428985,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame AA77 433 B
561 B 148ms
148ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d82f464020e016f40ed44d94fcf41e27fbebb2f30378c91228305f239d794a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 966576
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 143ms
143ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=829687064.1687751747&jid=1788456868&_u=YEBAAEAAQAAAACAEK~&z=1559736925

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ge/ads/ 42 B
63 B 144ms
143ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=829687064.1687751747&jid=1788456868&_u=YEBAAEAAQAAAACAEK~&z=1559736925

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ 393 KB
125 KB 432ms
134ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 12:45:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54639
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 24 Jun 2024 12:45:09 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 6 KB
1 KB 441ms
145ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

cdff804a874ca5ecf67d2f6c6605826044354c0f24e2e9f20f95c32fe17aa69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 931
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:48 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 73 B
313 B 143ms
143ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-21-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b2a992aec259dba4fcb597f99606b4888892893aeacca8d9cab0ca32fe3fde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 786895
expires: 60

GET
H2 200 json Show response
trc.taboola.com/sanook/trc/3/ 91 KB
24 KB 1129ms
1119ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sanook/trc/3/json?tim=03%3A55%3A47.702&lti=vis-state-roll-disabled_ctrl&data=%7B%22id%22%3A573%2C%22ii%22%3A%22%2Fwomen%2F220941%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1687684683674%2C%22vi%22%3A1687751747699%2C%22cv%22%3A%2220230620-21-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A11973%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F%22%2C%22vpi%22%3A%22%2Fwomen%2F220941%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7236%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A7235.78125%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fwomen%2F220941%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22vis-state-roll-disabled_ctrl%22%7D&llvl=2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f1ffe6c12f94e09630024ae034b328c9f2942b046fdc49d291ae294cbb083de7

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 997
date: Mon, 26 Jun 2023 03:55:48 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 94632
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-sof1510039-SOF
server: nginx
x-timer: S1687751748.762958,VS0,VE997
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/sanook/log/2/ 0
91 B 470ms
142ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A47.696&type=info&msg=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&llvl=2&id=5849&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73512

GET
H2 204 debug
trc-events.taboola.com/sanook/log/2/ 0
90 B 471ms
143ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A47.697&type=info&msg=%7B%22mode%22%3A%22alternating-thumbnails-a%22%2C%22container%22%3A%22taboola-below-article-thumbnails%22%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=406&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73512

GET
H2 204 debug
trc-events.taboola.com/sanook/log/2/ 0
90 B 471ms
144ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A47.701&type=info&msg=Below%20Article%20Thumbnails%20alternating-thumbnails-a&llvl=2&id=9813&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73512

GET
H2 200 like.php Show response
www.facebook.com/v2.9/plugins/ Frame 312E 51 KB
18 KB 477ms
476ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc9912da9376f8%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1af3c5f3028fd8%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookwomen%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1826326afd591db354a53ab4d717f14a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

01e13c69146713fb8eaa0f7d914a8374abab753a3e7070468c11ce227320d26f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:48 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ftytI3RtP2I8pxBqTiBR/lES88SZ+npM9/MpUgCpgWcgkklesO8zXxKlBkyTQSwRM4a8lAv87argTai/iat2fA==
x-xss-protection: 0

GET
H2 200 pmk-20220605.23.js Show response
pm-widget.taboola.com/sanook/ 115 KB
31 KB 118ms
118ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/sanook/pmk-20220605.23.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/sanook/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35ca42e2853ea433b5c3a2e4d2f159a54d0b3133d0b54d37f40b85e6d4c51aa9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yu2AxphjsPa18q60m4PdzQZaVZxlqMYU
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 26 Jun 2023 03:55:47 GMT
x-amz-request-id: 149FKES8V2E4RZJA
age: 1686273
x-cache: HIT, HIT
content-length: 31816
x-amz-id-2: Q52iLml235c9UUfWI7f2OWLoQxQweF5okJVp7aWD55siatMyVe+aXdCWK7XYoSI28K6RyE71xiE=
x-served-by: cache-bur-kbur8200037-BUR, cache-sof1510039-SOF
last-modified: Wed, 26 Apr 2023 05:52:18 GMT
server: AmazonS3
x-timer: S1687751748.893716,VS0,VE1
etag: "0f4ca938da8176a4da0d0c7a78de9f9a"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 6596, 1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 459ms
148ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=1068590068

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:47 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 458ms
149ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=8988596930

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:48 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 453ms
145ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=29392393654

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:47 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 448ms
142ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=208
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 513ms
215ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=80
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 418ms
143ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&cb=78254811103

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:48 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 413ms
142ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=142
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 475ms
162ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

4819718ef6d1231aaca1417bc751013aa7c5a0e0deffb4e5e509a3792aa6295c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R1EDglXwIV7LS99GEBugzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-R1EDglXwIV7LS99GEBugzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GMmfYfOPzYh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/ Frame 312E 517 KB
134 KB 139ms
138ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/GMmfYfOPzYh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc9912da9376f8%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1af3c5f3028fd8%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookwomen%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

787f2f507549db884e2ce59d8f8590f06a4254957067a7c489f717bd4bf0d65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vUiaOckZr60elyeKsvh/Pg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136547
x-fb-debug: AFn/Bk7dR4YFf3tjvkUAl1Sq53QQR3ING7W7xNeUsUqy+g1E+hlVgR97gILDjK9rQZlFB1MgIbfSkrf332hQMA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 21 Jun 2024 17:53:35 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 312E 299 B
499 B 220ms
220ms Image
image/png 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: +t3iFXToujScCkyRRCyhzkLQlSNxL27Nl1oVKCUQOq3ln1Q0X5TFmxik6h9UUF5aTLCacTeJGwgUmWqFqbzpXw==
date: Mon, 26 Jun 2023 03:55:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 299
expires: Fri, 21 Jun 2024 06:38:36 GMT

GET
H/1.1 200
OK c
sal.isanook.com/sa/ 35 B
376 B 327ms
327ms Image
image/gif 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=89908788&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&dp=%2Fwomen%2F220941%2F&ul=en-us&de=UTF-8&dt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=1893576059.1687751748&tid=SA-8147095-6&cd4=0&cd8=b&z=1135664280
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:48 GMT
Server: nginx
ETag: "5791d98d-23"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
www.sanook.com/video/embed/clip/1537512/ Frame E81E 29 KB
11 KB 336ms
336ms Document
text/html 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

bbc4a3f217f0cf6b6d06050d4bc2cdb99bc00b79ddc78a9f46da37f2e437744b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Referer: https://www.sanook.com/women/220941/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Jun 2023 03:55:48 GMT
Proxy-Cache-Status: STALE
SN-Cache-Status: HIT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 216 B
865 B 355ms
355ms Fetch
application/json 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22women%22%2C%22entryId%22%3A%22220941%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2282896c022500aca939eee159f786a22c48d36151b904f6abac81125e9e4fbacb%22%7D%7D

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

ab935e06ab36047954ec11bfc6677db2c06bf64a0b6ab0b0566004e2ef5bcc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
XPURGE: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 26 Jun 2023 03:55:49 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
Server: nginx
ETag: W/"d8-pijFInCuKNeVMFRKZdE6AneOTlY"
X-Cache-Status: BYPASS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: BYPASS
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 321ms
320ms Preflight 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,xpurge
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Mon, 26 Jun 2023 03:55:48 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

GET
H/1.1 200
OK /
avd.innity.com/dc/ 43 B
600 B 1146ms
376ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=225&cuid=67ac1c270c2e1f591648c9eeff45189b&cb=1687751748749&douid=&sess=261462602.225.1687751748749&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&srf=&pk=&pt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:49 GMT
Last-Modified: Mon, 26 Jun 2023 03:55:49 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ 43 B
471 B 1154ms
383ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=67ac1c270c2e1f591648c9eeff45189b&type=cookie&itmcb=1687751748749
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:49 GMT
Last-Modified: Mon, 26 Jun 2023 03:55:49 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
497 B 526ms
169ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 26 Jun 2023 03:55:49 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 142ms
142ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=648
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 140ms
139ms Ping
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 145ms
144ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 Jun 2024 03:55:48 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 143ms
142ms Image
image/gif 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 Jun 2024 03:55:48 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 142ms
141ms Ping
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 03:55:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 141ms
140ms Ping
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 138ms
138ms Ping
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
497 B 483ms
182ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 26 Jun 2023 03:55:49 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 164ms
164ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=30
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 158ms
158ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=77
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ Frame E81E 1 KB
742 B 153ms
153ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 05:04:19 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 May 2018 08:30:09 GMT
server: Lego Server
age: 0
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13480178234838748984
accept-ranges: bytes
content-length: 550
expires: Fri, 14 Jul 2023 05:04:19 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame E81E 126 KB
41 KB 171ms
170ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 27 Jun 2023 03:55:48 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ Frame E81E 375 B
412 B 154ms
147ms Script
application/javascript 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:44:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 28 Nov 2013 06:56:15 GMT
server: Lego Server
age: 1501638
etag: "5296e90f-177"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3787532751105421694
accept-ranges: bytes
content-length: 266
expires: Sun, 25 Jun 2023 08:44:39 GMT

GET
H2 200 bc1a5e788a33746f4adc.css
s.isanook.com/sr/0/_next/static/css/ Frame E81E 42 KB
9 KB 154ms
153ms Stylesheet
text/css 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/bc1a5e788a33746f4adc.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 05:08:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 09 Jun 2023 10:07:27 GMT
server: Lego Server
age: 0
etag: W/"6482f9df-a6ad"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14448147514409980083
accept-ranges: bytes
content-length: 8901
expires: Wed, 12 Jul 2023 05:08:20 GMT

GET
H2 200 webpack-85ef46c5ff52500835f2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 9 KB
5 KB 140ms
132ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a0c71cb2232ffdde95f07b0f6e9a794907328f3f27688ebc789dc1d727f534d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 9093
server: Lego Server
age: 0
etag: W/"6495047f-2385"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 13156323659327585660
accept-ranges: bytes
content-length: 4523
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 framework-bccd505f411f10b308c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 147 KB
45 KB 140ms
133ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 19:10:59 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Mon, 22 May 2023 07:38:14 GMT
server: Lego Server
age: 1702601
etag: W/"646b1be6-24b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 2084547069606959244
accept-ranges: bytes
content-length: 45781
expires: Fri, 23 Jun 2023 02:14:19 GMT

GET
H2 200 main-bcf4d111f618a82e6a4e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 75 KB
24 KB 139ms
131ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/main-bcf4d111f618a82e6a4e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:19:53 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:38 GMT
server: Lego Server
age: 0
etag: "648a7d32-12af2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 2170627830861770256
accept-ranges: bytes
content-length: 23884
expires: Sat, 15 Jul 2023 12:19:53 GMT

GET
H2 200 _app-728bf3a5f2152c8da774.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/ Frame E81E 551 KB
158 KB 139ms
132ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f6b2106e1aeb9eb001b22d996135eacf9b6e9d630e0dc80eeb456bcbe0eebe60

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:11 GMT
server: Lego Server
age: 0
etag: W/"64950467-89d06"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13911646677384250891
accept-ranges: bytes
content-length: 161703
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 7918-3bbc8a6036bbcdb09d83.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 29 KB
8 KB 162ms
155ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7918-3bbc8a6036bbcdb09d83.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 09:43:41 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 13 Jun 2023 06:22:50 GMT
server: Lego Server
age: 0
etag: "64880b3a-7567"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17414424369418270238
accept-ranges: bytes
content-length: 7717
expires: Fri, 14 Jul 2023 09:43:41 GMT

GET
H2 200 8229-a3ffb213d38ea4b85bad.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 29 KB
7 KB 162ms
155ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8229-a3ffb213d38ea4b85bad.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:28:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:36 GMT
server: Lego Server
age: 0
etag: W/"648a7d30-7506"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17229882091008744733
accept-ranges: bytes
content-length: 6889
expires: Sat, 15 Jul 2023 09:28:46 GMT

GET
H2 200 9669-b56602280eb9384c191d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 13 KB
5 KB 162ms
155ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 15:57:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:36 GMT
server: Lego Server
age: 2
etag: W/"648a7d30-35e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14295321894600987328
accept-ranges: bytes
content-length: 4715
expires: Sat, 17 Jun 2023 15:57:35 GMT

GET
H2 200 1354-e6e263fd45386d27bc3d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 50 KB
16 KB 160ms
154ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:57:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-c680"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13623592932987987450
accept-ranges: bytes
content-length: 16570
expires: Wed, 19 Jul 2023 11:57:46 GMT

GET
H2 200 2962-603a28e62dde6ed2aedb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 12 KB
3 KB 162ms
156ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 19:20:32 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-2ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 13120208411384089459
accept-ranges: bytes
content-length: 2738
expires: Sun, 18 Jun 2023 19:20:43 GMT

GET
H2 200 9047-2d652cafc35943e20d62.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 14 KB
5 KB 162ms
156ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9047-2d652cafc35943e20d62.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 05:04:20 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 13 Jun 2023 06:22:49 GMT
server: Lego Server
age: 0
etag: "64880b39-38a5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5548508523171923139
accept-ranges: bytes
content-length: 4475
expires: Fri, 14 Jul 2023 05:04:20 GMT

GET
H2 200 3253-079293c535abc2a452b6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 22 KB
7 KB 208ms
202ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3253-079293c535abc2a452b6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:14:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-57ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 17063290553686184196
accept-ranges: bytes
content-length: 6481
expires: Wed, 19 Jul 2023 08:14:13 GMT

GET
H2 200 1350-ccbe2b949cfdea577ff1.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 14 KB
5 KB 217ms
211ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1350-ccbe2b949cfdea577ff1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 06:39:33 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 26711
etag: W/"648a7d31-3614"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9253948897699889771
accept-ranges: bytes
content-length: 4649
expires: Sun, 16 Jul 2023 06:39:33 GMT

GET
H2 200 391-d65bd606af1dec261c9c.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 14 KB
5 KB 417ms
411ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/391-d65bd606af1dec261c9c.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c78f30eae1c546abce28fb3253e8e32612aa206d67c02049b35506691a77ec7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 23:16:19 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Mon, 12 Jun 2023 09:36:42 GMT
server: Lego Server
age: 546144
etag: W/"6486e72a-385d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 427329854694627913
accept-ranges: bytes
content-length: 5053
expires: Wed, 12 Jul 2023 23:16:19 GMT

GET
H2 200 2930-e57bfc69aee05a2179a5.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 204 KB
28 KB 210ms
204ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2930-e57bfc69aee05a2179a5.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 55bbfc861e7a701243f51f7e35b254b20ec854f162f6f9d37e68a75f90dfcbc8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:30:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 209275
server: Lego Server
age: 1
etag: W/"6492a402-3317b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 8564806617993687743
accept-ranges: bytes
content-length: 27887
expires: Fri, 21 Jul 2023 07:28:20 GMT

GET
H2 200 2996-02c93ea9f8ef187330a7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 92 KB
17 KB 210ms
204ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2996-02c93ea9f8ef187330a7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 14:04:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-16f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5263126047889924205
accept-ranges: bytes
content-length: 16728
expires: Sun, 16 Jul 2023 14:04:49 GMT

GET
H2 200 7263-a62ce33231ab5ee8cb0d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 197 KB
43 KB 209ms
204ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7263-a62ce33231ab5ee8cb0d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b60ab41fb92e80bb9abd19bead792c4276a9a738adeaa23fafabcc875cf5f5f0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: W/"64950480-31365"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 17424094383571402
accept-ranges: bytes
content-length: 44180
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 3316-c2db2abb0c275a7040e2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 18 KB
4 KB 210ms
205ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 14:28:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 11:27:45 GMT
server: Lego Server
age: 0
etag: "6492deb1-4663"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6905515873622327853
accept-ranges: bytes
content-length: 4351
expires: Sat, 22 Jul 2023 14:28:25 GMT

GET
H2 200 8817-667afea6b4063b7df2e9.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 14 KB
4 KB 209ms
204ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8817-667afea6b4063b7df2e9.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 991b8b544ad11ad8176e3fc1287058425715839ab4c534e61bdc4cd882ea2fee

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:03:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-38a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4445647127796673826
accept-ranges: bytes
content-length: 3946
expires: Wed, 19 Jul 2023 17:03:13 GMT

GET
H2 200 695-62c72b2d35df86fa20fb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 16 KB
5 KB 210ms
205ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/695-62c72b2d35df86fa20fb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7f68ee2786c79a1fa01d4a0f41300e20597ae64bb3604fa6441b594ab9ad3353

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:28:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 16640
server: Lego Server
age: 0
etag: W/"6492a402-4100"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13818423520235881507
accept-ranges: bytes
content-length: 5237
expires: Fri, 21 Jul 2023 07:28:23 GMT

GET
H2 200 embed-video-detail-06cfcb98b228afc031c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/channels/video/ Frame E81E 10 KB
4 KB 215ms
210ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/channels/video/embed-video-detail-06cfcb98b228afc031c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5834100b74df5b33141bade07e3c6cc1de333768ad6dfe8f11504c01523d7e94

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:28:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 10601
server: Lego Server
age: 0
etag: W/"6492a403-2969"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 5125635069439347578
accept-ranges: bytes
content-length: 3733
expires: Fri, 21 Jul 2023 07:28:23 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/ Frame E81E 22 KB
6 KB 208ms
203ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a1187a2df40326dac6994a12cc15f688ad94218b7d971c1722e645ed8bc5bb21

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 22689
server: Lego Server
age: 0
etag: W/"64950468-58a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6370037619029452227
accept-ranges: bytes
content-length: 5787
expires: Sun, 23 Jul 2023 03:21:40 GMT

GET
H2 200 _ssgManifest.js Show response
s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/ Frame E81E 77 B
236 B 215ms
211ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/w9cWYAHcRxyocyIcD8YLU/_ssgManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 03:21:39 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 23 Jun 2023 02:33:12 GMT
server: Lego Server
age: 0
etag: "64950468-4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 10088662250115951879
accept-ranges: bytes
content-length: 77
expires: Sun, 23 Jul 2023 03:21:39 GMT

GET
H2 200 spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ Frame E81E 43 B
176 B 151ms
147ms Image
image/gif 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 01:10:31 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 08 Feb 2011 09:07:23 GMT
server: Lego Server
age: 0
etag: "4d5107cb-2b"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16190784481365927952
accept-ranges: bytes
content-length: 43
expires: Sat, 22 Jul 2023 01:10:31 GMT

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ Frame E81E 537 B
507 B 354ms
350ms Script
application/javascript 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:06:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 17 May 2017 08:37:40 GMT
server: Lego Server
age: 0
etag: "591c0bd4-219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 2877900169153794518
accept-ranges: bytes
content-length: 363
expires: Wed, 19 Jul 2023 10:06:39 GMT

GET
H2 200 db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js Show response
s.isanook.com/sr/0/js/izooto/ Frame E81E 209 KB
54 KB 215ms
211ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:10:10 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 11:28:14 GMT
server: Lego Server
age: 0
etag: "6492dece-34574"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 9519694911096338364
accept-ranges: bytes
content-length: 55174
expires: Fri, 21 Jul 2023 19:10:10 GMT

GET
H2 200 feed-card-placeholder.20230620-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 135ms
134ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230620-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53de2f993f55be083141b010738e076a027291e038ca454d686929063b172cbb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eivC7qB1rVZAykwDPX3XgEbXI4qP9A8f
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:48 GMT
x-amz-request-id: QYCSC3X1TPFXCM67
age: 388634
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1263
x-amz-id-2: z83oWt6E3CDbYYFLKV8CS9qfbyY/J1tjp1jtRvMNbndnODR+tzKozqTkzqRakUgYRcXrkh96VBs=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 21 Jun 2023 15:44:41 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687751749.928691,VS0,VE0
etag: "fc36960a15be855024f0e9be196f1162"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 44329

GET
H2 200 distance-from-article.20230620-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 121ms
121ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230620-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6076f3649035fb86508f0ba58c8a689661edac6fb7ece7ce2cc3395c7b3d492

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Av3qo36RYFdTe3AeAcxGiJTJiyiSSK6Z
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:48 GMT
x-amz-request-id: QYCTA6V4YH3BDVZS
age: 388634
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1135
x-amz-id-2: C8N5/yDHYZVJi609M7+E8rxNSdu4+PWMugTThKV/ZpBhHgXDO6hdGAQhRXDVLHEpVitwLkOlIXs=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 21 Jun 2023 15:44:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687751749.947741,VS0,VE0
etag: "abcec2352dff395e1d23200b241894d3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 20
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 54895

GET
H2 200 article-detection.20230620-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 120ms
119ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230620-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e148dcdadfa629b3a395feb7b0c6bedf3ca86d21502d89e964f2efb9e2b59c3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MnzKNh9BIo6WFQM.emg1B8GqvbnHk2iN
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:48 GMT
x-amz-request-id: QYCT21AC31C8KCCF
age: 388634
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1236
x-amz-id-2: 3ZQrjy/qEr5I01Jw8k1N5P+Z2nzGNsyub8PR3F7PF7/uWwZ++fUNr7eAyK1xd3D7+SZNyoy1aH0=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 21 Jun 2023 15:44:29 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687751749.947732,VS0,VE0
etag: "b0845a4ec36ecad608a2739c24182fed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 54875

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 119ms
119ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:48 GMT
x-amz-request-id: DKWHBZA6EDB45JGV
age: 19
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: FIJvtcR4Qgl/Dvj+kTUODH/tgrcfPeD3Gv/ev/Faq7FQFYwPfSXV58/ZdOuypiTmhHvfvgzkoZg=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1687751749.972816,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 43
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 22

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.5/ 112 KB
30 KB 118ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e7180a71dde7d28bbb50ea73c1f2687ac78e876e393870c9b9a3b57f7b95986

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:48 GMT
via: 1.1 7d96f66bed58c00decdf9696146921d8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
age: 154158
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 30695
x-served-by: cache-sof1510039-SOF
last-modified: Sat, 24 Jun 2023 09:05:21 GMT
server: AmazonS3
x-timer: S1687751749.990799,VS0,VE0
etag: "ef24c9e350329713f3e1415cac9f6f3f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: r04iPXP6UabcESmBAB8zavKGSwjEkd03BVQfHI-JgVzhl7J22ulXYA==
x-cache-hits: 7459

GET
H2 200 explore-more.20230620-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 28 KB
8 KB 121ms
120ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230620-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4ec2276c9bf4e55ecaedece95d49b042ac2fcfc54f0ffbfbe5b731031dc0fb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: y8nXTzp8fxzIGQSfjqy3m8OGh6UKoVwJ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:49 GMT
x-amz-request-id: DK56NWRFQBR221XM
age: 388584
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 8242
x-amz-id-2: lMVGpH7eDqw4UpixFUGdtxxgs9dXVsA7+2cDG2lv4LwThilbqFCoFqPyx75MhUvg3s9zQfhW58c=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 21 Jun 2023 15:44:39 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687751749.008247,VS0,VE0
etag: "0ce097c5b8ab15d7c8197139b586abfb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 29161

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
92 B 591ms
186ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.880&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10729751%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=5190&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116436

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 591ms
188ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.884&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=5374&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116436

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 591ms
188ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.892&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=7209&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116436

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 593ms
190ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.898&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10729751%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=154&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116436

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 594ms
191ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.901&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=2936&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116436

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 594ms
192ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.905&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=5622&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116436

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 232ms
184ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.907&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=1418&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 233ms
185ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.909&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=1034&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 233ms
185ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.912&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=4760&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 231ms
185ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.914&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=2348&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 231ms
186ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.944&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=9684&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 231ms
186ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.946&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=1597&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 232ms
187ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.954&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%206&llvl=2&id=6239&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 232ms
187ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.956&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%206&llvl=2&id=9420&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 supply-feature
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 234ms
190ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/supply-feature?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A55%3A48.957&id=3528&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 232ms
187ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.959&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10642536%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=8219&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 233ms
188ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.961&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=3902&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 233ms
188ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.967&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=5010&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 233ms
188ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.976&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=3494&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 233ms
189ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.978&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=8692&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
90 B 234ms
189ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.979&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10642536%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=2656&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 116421

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 238ms
193ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.981&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=6266&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 300ms
255ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.983&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=3243&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 301ms
257ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.985&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=618&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 302ms
257ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.988&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=658&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 302ms
258ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.990&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=3803&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 302ms
258ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.992&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=927&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 299ms
259ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.994&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=1924&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 300ms
259ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.996&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=7123&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 300ms
260ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A48.998&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=429&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 301ms
261ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.000&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=7473&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame E81E 225 KB
73 KB 155ms
152ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d410ea56a78849fb0fdb4683b9356c0fa89a3ecb392a609e6ce46f2409438298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74455
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 03:55:49 GMT

GET
H/1.1 200
OK a102.js Show response
sal.isanook.com/js/ Frame E81E 23 KB
10 KB 586ms
582ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Aug 2020 09:23:14 GMT
Server: nginx
ETag: W/"5f311202-5de3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 26 Jul 2023 03:55:49 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame E81E 112 KB
28 KB 153ms
150ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 03:55:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28307
x-xss-protection: 0
pragma: public
x-fb-debug: U7gFmf9hGPrXUOuG01ptCRC69c6YaL6SgSP2EDsknNM5ivv3YI2/d7AihRSps4E8pY7Jr0Gi1s3n/rWxNcxkHA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 150ms
147ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=778
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
498 B 268ms
173ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 26 Jun 2023 03:55:49 GMT

GET
H2 204 social
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 341ms
301ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/social?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87%22%2C%22sec%22%3A%22Baby%27s%20Food%2CBeauty%2CBeauty%2CBeverage%2CBobbi%20Brown%2CBusiness%20Owners%2CChanel%2CClinique%2CCoffee%2CCooking%2CDessert%2CDining%2CEstee%20Lauder%2CFamily%2CFashion%2CFashion%20Trends%2CFitness%2CFood%2CHair%2CHealth%2CJewelry%2CLancome%2CLaneige%2CLoreal%2CMake%20up%2CNew%20Mom%2COOTD%2CParenting%2CPregnant%2CRecipe%2CRecipe%2CRestaurant%2CSKII%2CShiseido%2CSingle%20Mom%2CSkin%20Care%2CSurgery%2CWomen%22%2C%22aut%22%3A%5B%22S!%20Women%20(Rewrite)%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs.isanook.com%2Fwo%2F0%2Fud%2F44%2F220941%2F220941-thumbnail.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A55%3A49.055&id=6867&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 302ms
262ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.065&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=6612&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 302ms
262ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.066&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=4444&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 303ms
263ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.067&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=9395&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 338ms
298ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.068&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=6671&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 339ms
299ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.072&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=9176&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 339ms
299ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.073&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%206&llvl=2&id=4532&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 341ms
302ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1687751749078%7D&tim=03%3A55%3A49.078&id=5920&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 339ms
300ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.102&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=9561&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 339ms
300ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.103&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=5359&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 341ms
302ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.104&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=6478&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 341ms
302ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.105&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=5962&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 342ms
303ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.106&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=4512&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 30DF 16 KB
6 KB 133ms
133ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43389
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Mon, 26 Jun 2023 15:58:58 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FE74 16 KB
6 KB 135ms
134ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43389
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Mon, 26 Jun 2023 15:58:58 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AFF2 16 KB
6 KB 140ms
140ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43389
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Mon, 26 Jun 2023 15:58:58 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A8CE 16 KB
6 KB 138ms
137ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43389
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Mon, 26 Jun 2023 15:58:58 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AGSKWxX6Gt4DB2L_Wxr0m3TnKPv-GlV9TO7LXmvEmoAeDe2DFOMQwk9c2uR8inxWr5H735kUn68QRXf4f_BSoSc9-Y8= Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 167ms
160ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX6Gt4DB2L_Wxr0m3TnKPv-GlV9TO7LXmvEmoAeDe2DFOMQwk9c2uR8inxWr5H735kUn68QRXf4f_BSoSc9-Y8=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3NzUxNzQ5LDIwNzAwMDAwMF0sIjRFRDc1NTRGLTg0RUItNEMxQy04NDlCLTUwRkNDMDNFQzY3OSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vd29tZW4vMjIwOTQxLyIsbnVsbCxbWzgsIlY5cno4bmQ3ZkY0Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.V9rz8nd7fF4.es5.O/d=1/rs=AJlcJMzk3z5fCle2HxR77n6U55O4T5vsmg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

a4ef303cc964ef4a0b1eb5ebc4e20459186cdd1f3f900e0f3d268a9c228ebad9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8vcFE8AItVqMUtSCZP636Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8vcFE8AItVqMUtSCZP636Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 445ms
140ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 429ms
134ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 04:47:06 GMT
content-encoding: gzip
age: 688123
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 17 Jun 2024 04:47:06 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 160ms
156ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 27 Jun 2023 03:55:49 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 475ms
158ms Script
text/javascript 108.138.36.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 81340
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: bS0-XFMqCDxRJrkps-oJxUxrZbpUMgHM8Po7bBNFbdOy76gfL9PYKQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 455ms
140ms Script
text/javascript 18.66.190.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.190.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-190-226.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sun, 25 Jun 2023 05:58:55 GMT
Via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 79015
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 16zKc2aVvNc5cXMHINY0c5xLiTACuhOHcabNvnYUaFqJ1UPVOtsOcg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
899 B 413ms
137ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 03:55:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 16564
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-sof1510028-SOF
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 247ms
83ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: F4YJZYC7J5Y19ZS1
age: 3495
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7dd284543d9d2dcf-TBS
x-amz-id-2: fDHMmQ29l+JGp6Nt7AIqLl7GDQ/JQHGgpkI8Fj+r5qPVBAlGHynGa4qcaKC+u9tGvyk8emXpg4M=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 430ms
140ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:18:18 GMT
via: 1.1 google
age: 2251
x-guploader-uploadid: ADPycdtMkrbj0n-FX9IF5gEOMOKgqfQVFEToZ9z-h1cPOXPh9LgdcmmjeaRQEVvrKt6wDTwVwROnOU2eadITnMiS68gMq_YjuOQE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Mon, 26 Jun 2023 04:18:18 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
19 KB 365ms
363ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3658644031018088&correlator=1693742070769464&eid=31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cinviewadrequest&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C640x360&ifi=1&adks=2732521762&didk=2149787503&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=38f260ef3018eb99222b52c79979d196&sc=1&cookie_enabled=1&abxe=1&dt=1687751749252&lmt=1687751749&dlt=1687751744839&idt=3471&adxs=1200&adys=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=400x-1&msz=400x-1&fws=512&ohw=0&ga_vid=829687064.1687751747&ga_sid=1687751749&ga_hid=1524032784&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Nzfro8xSABSAghkEhkKCnB1YmNpZC5vcmcY9dzfro8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPTc366PMUgAUgIIZBIUCgVvcGVueBj03N-ujzFIAFICCGQSGQoKdWlkYXBpLmNvbRj03N-ujzFIAFICCGQSFwoIcnRiaG91c2UY9dzfro8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj13N-ujzFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2dbd4806a2dc04f8a94c943500f6c83e624b0d282fa2541b6e88198e196a5d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19071
x-xss-protection: 0
google-lineitem-id: 4741987593
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239031270
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 83 KB
38 KB 592ms
591ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3658644031018088&correlator=3102567687032761&eid=31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cinviewarticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C300x250%7C640x360%7C336x280%7C320x480&ifi=2&adks=2428001358&didk=1005935157&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=38f260ef3018eb99222b52c79979d196&sc=1&cookie_enabled=1&abxe=1&dt=1687751749270&lmt=1687751749&dlt=1687751744839&idt=3471&adxs=279&adys=4280&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=829687064.1687751747&ga_sid=1687751749&ga_hid=1524032784&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Nzfro8xSABSAghkEhkKCnB1YmNpZC5vcmcY9dzfro8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPTc366PMUgAUgIIZBIUCgVvcGVueBj03N-ujzFIAFICCGQSGQoKdWlkYXBpLmNvbRj03N-ujzFIAFICCGQSFwoIcnRiaG91c2UY9dzfro8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj13N-ujzFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7f141ae986e6e70d209c50ad1b22c139cee151a28408ef3d25bb850b8b2eb4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38494
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 180ms
179ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3658644031018088&correlator=216773171163242&eid=31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=3&adks=1396602897&didk=2096832714&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=38f260ef3018eb99222b52c79979d196&sc=1&cookie_enabled=1&abxe=1&dt=1687751749278&lmt=1687751749&dlt=1687751744839&idt=3471&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=829687064.1687751747&ga_sid=1687751749&ga_hid=1524032784&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Nzfro8xSABSAghkEhkKCnB1YmNpZC5vcmcY9dzfro8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPTc366PMUgAUgIIZBIUCgVvcGVueBj03N-ujzFIAFICCGQSGQoKdWlkYXBpLmNvbRj03N-ujzFIAFICCGQSFwoIcnRiaG91c2UY9dzfro8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj13N-ujzFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3a5685c0215d2136463685835e8fd57440f63cd287632ff31b5679f4faf8aa8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11670
x-xss-protection: 0
google-lineitem-id: 5582840632
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373742424
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 381ms
380ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3658644031018088&correlator=3755140718095423&eid=31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250%7C728x90&ifi=4&adks=2779983359&didk=498303882&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=38f260ef3018eb99222b52c79979d196&sc=1&cookie_enabled=1&abxe=1&dt=1687751749283&lmt=1687751749&dlt=1687751744839&idt=3471&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=829687064.1687751747&ga_sid=1687751749&ga_hid=1524032784&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Nzfro8xSABSAghkEhkKCnB1YmNpZC5vcmcY9dzfro8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPTc366PMUgAUgIIZBIUCgVvcGVueBj03N-ujzFIAFICCGQSGQoKdWlkYXBpLmNvbRj03N-ujzFIAFICCGQSFwoIcnRiaG91c2UY9dzfro8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj13N-ujzFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

31e228db7d5dd8261d986df0391178bc231b7a0a501476f121015c68acaec1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15601
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 332D 6 KB
3 KB 476ms
139ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Tue, 25 Jun 2024 03:55:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ Frame E81E 2 MB
238 KB 141ms
140ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 09:15:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=42874
accept-ranges: bytes
content-length: 243421
expires: Mon, 26 Jun 2023 15:50:23 GMT

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
91 B 223ms
216ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A55%3A49.336&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=4100&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 117054

GET
H2 200 spa-detector.20230620-21-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 123ms
122ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230620-21-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39aa18b7963920d95095fbcffa925d39e22e07ed5ff5aaa2ea37e781b7184cb5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FzoaeME3E3F1J3CzbfIPM97KVEHqkxDI
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:49 GMT
x-amz-request-id: DK59W4DCDZBG4SZA
age: 388584
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 810
x-amz-id-2: QGVlVGnV3+Dtu8hb93uAKe6Qw7zVmXznitmpgEvXWQIU92pShUM1XxErM1qhyRjcjYi3f4mwPZ8=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 21 Jun 2023 15:44:56 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687751749.404583,VS0,VE0
etag: "270cfd8a70c9f1a33e304dfa8dceeb57"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 10
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 29723

GET
H2 204 supply-feature
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 224ms
217ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/supply-feature?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A55%3A49.344&id=7533&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 224ms
216ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1687751749345%7D&tim=03%3A55%3A49.345&id=4054&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 225ms
218ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/supply-feature?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%2C%20%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A55%3A49.347&id=9852&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 225ms
218ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1687751749351%7D&tim=03%3A55%3A49.351&id=6319&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/sanook/log/3/ 0
363 B 225ms
217ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/abtests?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%221427.171875%22%2C%22eventTime%22%3A1687751749384%7D&tim=03%3A55%3A49.384&id=5646&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
22 KB 326ms
303ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3658644031018088&correlator=397186847937700&eid=31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=5&adks=1547059643&didk=3402878632&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=38f260ef3018eb99222b52c79979d196&sc=1&cookie_enabled=1&abxe=1&dt=1687751749494&lmt=1687751749&dlt=1687751744839&idt=3471&adxs=235&adys=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=829687064.1687751747&ga_sid=1687751749&ga_hid=1524032784&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Nzfro8xSABSAghkEhkKCnB1YmNpZC5vcmcY9dzfro8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPTc366PMUgAUgIIZBIUCgVvcGVueBj03N-ujzFIAFICCGQSGQoKdWlkYXBpLmNvbRj03N-ujzFIAFICCGQSFwoIcnRiaG91c2UY9dzfro8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj13N-ujzFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

635b226d9197965cdb66d6b5828b2193b58767e267ede52857e1850e403b03b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22335
x-xss-protection: 0
google-lineitem-id: 6232232132
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424335853
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame E81E 4 KB
2 KB 153ms
134ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 01:20:21 GMT
content-encoding: gzip
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 9331
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: xXHXxG4WGI6oOTr-gUihoUWm9pQsk0wbPyOtzDW608iD7XQR8sj3tg==

GET
H3 200 1489944661112333 Show response
connect.facebook.net/signals/config/ Frame E81E 300 KB
86 KB 146ms
138ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

1b8ae9585b6cf1b2e44f3326f61905d2dcff7f35a7a31b7334f800ad6367b8d6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 03:55:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88179
x-xss-protection: 0
pragma: public
x-fb-debug: pBqedMU/oDfk3fR6BuxOOVPEaUcqgGIBrbbGnXS2iQG8kHBmx00NUo8RrtwFM50MlhkfzDBhQWJp6Z2+zQ1n3g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 368ms
363ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3658644031018088&correlator=2692317839506472&eid=31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=6&adks=1198679254&didk=4218483588&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=38f260ef3018eb99222b52c79979d196&sc=1&cookie_enabled=1&abxe=1&dt=1687751749533&lmt=1687751749&dlt=1687751744839&idt=3471&adxs=1065&adys=649&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=829687064.1687751747&ga_sid=1687751749&ga_hid=1524032784&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Nzfro8xSABSAghkEhkKCnB1YmNpZC5vcmcY9dzfro8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPTc366PMUgAUgIIZBIUCgVvcGVueBj03N-ujzFIAFICCGQSGQoKdWlkYXBpLmNvbRj03N-ujzFIAFICCGQSFwoIcnRiaG91c2UY9dzfro8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj13N-ujzFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

674239b4abc1695b3d4548fb964cb6a15d21930f20ccb11f8f556a80c54633f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 109357
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16668
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 181916
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
22 KB 324ms
324ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3658644031018088&correlator=3943305020717792&eid=31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwomen.sanook%2Cdesktop%2Chome%2Creadpage%2Ctower&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%7C240x400&ifi=7&adks=869927549&didk=1425532729&sfv=1-0-40&prev_scp=category%3Dauthor-profile-display%2Chome%2Cs-women-partner%26subcategory%3Dhometips%26tags%3Dcovid-19%2C%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B9%2582%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B4%25E0%25B8%2594-19%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%25E0%25B8%259E%25E0%25B8%25A5%25E0%25B8%25B2%25E0%25B8%25AA%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B8%2581%2C%25E0%25B8%2589%25E0%25B8%25B2%25E0%25B8%2581%25E0%25B8%2581%25E0%25B8%25B1%25E0%25B9%2589%25E0%25B8%2599%2520pvc%2C%25E0%25B9%2580%25E0%25B8%2584%25E0%25B8%25A5%25E0%25B9%2587%25E0%25B8%2594%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B9%2580%25E0%25B8%25A3%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%2C%25E0%25B9%2581%25E0%25B8%2595%25E0%25B9%2588%25E0%25B8%2587%25E0%25B8%259A%25E0%25B9%2589%25E0%25B8%25B2%25E0%25B8%2599%26partner%3Ds-women-partner%26entry_id%3D220941&eri=1&ppid=38f260ef3018eb99222b52c79979d196&sc=1&cookie_enabled=1&abxe=1&dt=1687751749562&lmt=1687751749&dlt=1687751744839&idt=3471&adxs=1065&adys=2685&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=829687064.1687751747&ga_sid=1687751749&ga_hid=1524032784&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Nzfro8xSABSAghkEhkKCnB1YmNpZC5vcmcY9dzfro8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPTc366PMUgAUgIIZBIUCgVvcGVueBj03N-ujzFIAFICCGQSGQoKdWlkYXBpLmNvbRj03N-ujzFIAFICCGQSFwoIcnRiaG91c2UY9dzfro8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj13N-ujzFIAFICCGQ.

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

01dda40652ac6a6c59e1e8def4908344d05ef937638c5c15e723bb5fde73d480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22246
x-xss-protection: 0
google-lineitem-id: 5615991028
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339252621
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA44 0
0 178ms
178ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZuUnbbtm9Pk-fxy1OI2I1uZy6R12ycUDIW8ofk4l0WAbF-LIJHA3JLhzNQRi3118QeIXQPBXzYrHp7ltU0GCsqb5-ckk7bg4mytlHnGoRe_j7ehMtn6YuzmzR30bGK67kS6L2f38aJgp1IK9nTwSLY1NHRm1Ohw94xPGrfUojo42Hf4QjA2d17-HaIvE8-B9v_DYVoJnzUSlofkOOWm9E6PabJGSC0h--Rj6rLFHiXXhQN0mTUqE_0goVgha4GqGVdXVvnYseLKxHiLoLcz7NmB5oGNKY6uukXs54jPt4Vm-HrBGynnHkHxwk5TVjenVhFWtrTJK7mH4RJoAq0z0KEL3r4lakYq0tScBXCXjOZZd5&sai=AMfl-YRWGuvquVa1baQoXx-bpx6K0kxfQTqNLNd302PKtM1HNpnfuZFQq7o5sZI5Duwo7z03ymhKGLEbXfCvD3ngNU0brl42R1uE3S3gyvbE8HnJuMrWT5ADdu-ExdmDT-wVtHh5VcsFDJCD2O_m4VtBZ8s&sig=Cg0ArKJSzOPom_7KEQgREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FA44 77 KB
26 KB 149ms
148ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4a24ab6fcbc8130b01a4936c05b73ec540f50eb9115f74168d0b1046c234ab7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26460
x-xss-protection: 0
server: cafe
etag: 184 / 19534 / 31075546 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA44 179 KB
56 KB 150ms
149ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:49 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 30DF 4 KB
4 KB 465ms
146ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38260587&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 7cae54bacd8659b96a6bcd4d2aada5e36ba135a67b375705909b8a4ffeb3a199

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 03:55:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 56A5 0
0 170ms
169ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW-1GKgcwM6Oe-1FHHz6BBK17zj4qvkJKkDnwqY2Lgdw0__PbOpvAdMFmCfFgOUz29-sUiskr3uWMeUZfnOHnBLTTBgpmrqnZHWlziwCY_37uEzUoSzU0NUYwHZDMt2rF3gABplkvRVvUZrUsDd-VHAj38SVpP2swxAX5_rqTZE7o_r9l_bWfYzgQ8DEI5CIMEj8r-5uLhSceSrrFVo_QxqX_NxUtfb5VLNjBHoDiB9exiX6VzXRgkPTmB64uiVXeirSVZPn3vLLOB_2p4UINPjYI4DgyzL7rmWJT9Ise-8HTkHQXkB1R4rfcr0dcrTMSus3MMLh--qBpFI8nYcU5T6exG56mHK9Q31XuftOrGUmWoi5xfLlP0eAo&sai=AMfl-YR5Fxz57vM16iuMMT75oj-Ttas7lycAXLG-Um7hMRqdVVBoJwQnc7K8bEfi_3HrZU0mAUKkrfYvo952rEOTY54DCsQpPuGEWz_ChjdMlPuj2xyNsbazhP3S9Uq2H6GX47xT3tHh_cTEPzqiMW0SZIo&sig=Cg0ArKJSzIUtKpxLN6HEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 video-js.min.css
s.isanook.com/sh/0/ad/inview/ Frame 56A5 38 KB
14 KB 149ms
134ms Stylesheet
text/css 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/video-js.min.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 21:56:28 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Sun, 02 Jul 2017 11:03:01 GMT
server: Lego Server
age: 13611
etag: W/"5958d2e5-99d1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 5310331248856107276
accept-ranges: bytes
content-length: 13670
expires: Fri, 21 Jul 2023 21:56:28 GMT

GET
H2 200 videojs.ads.min.css
s.isanook.com/sh/0/ad/inview/ Frame 56A5 359 B
378 B 145ms
131ms Stylesheet
text/css 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:43:12 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Sun, 02 Jul 2017 11:02:59 GMT
server: Lego Server
age: 0
etag: W/"5958d2e3-167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9803892197989950231
accept-ranges: bytes
content-length: 197
expires: Wed, 21 Jun 2023 08:43:23 GMT

GET
H2 200 ads-v1.0.3.css
s.isanook.com/sh/0/ad/inview/ Frame 56A5 4 KB
2 KB 149ms
135ms Stylesheet
text/css 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/ads-v1.0.3.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 23:51:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 13 Jun 2018 05:50:00 GMT
server: Lego Server
age: 0
etag: "5b20b088-117d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1269284732907773311
accept-ranges: bytes
content-length: 1541
expires: Thu, 20 Jul 2023 23:51:25 GMT

GET
H2 200 jquery-1.8.3.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 56A5 91 KB
33 KB 148ms
135ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/jquery-1.8.3.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 15:05:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 93583
server: Lego Server
age: 1655230
etag: W/"5958d2e1-16d8f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15680480534854244263
accept-ranges: bytes
content-length: 33384
expires: Thu, 29 Jun 2023 11:17:28 GMT

GET
H2 200 video.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 56A5 246 KB
53 KB 148ms
135ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/video.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 05:42:35 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Sun, 02 Jul 2017 11:02:59 GMT
server: Lego Server
age: 0
etag: "5958d2e3-3d69b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4722313607981242688
accept-ranges: bytes
content-length: 54362
expires: Sat, 22 Jul 2023 05:42:35 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 56A5 361 KB
121 KB 483ms
158ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H2 200 videojs.ads.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 56A5 18 KB
5 KB 148ms
136ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 06:15:01 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Sun, 02 Jul 2017 11:03:00 GMT
server: Lego Server
age: 0
etag: W/"5958d2e4-490c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12889767087014925088
accept-ranges: bytes
content-length: 5317
expires: Thu, 20 Jul 2023 06:15:01 GMT

GET
H2 200 videojs.ima.js Show response
s.isanook.com/sh/0/ad/inview/ Frame 56A5 47 KB
10 KB 151ms
139ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ima.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 12:37:05 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 48060
server: Lego Server
age: 1998259
etag: W/"5958d2e4-bbbc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 14807308249271673261
accept-ranges: bytes
content-length: 10173
expires: Sun, 25 Jun 2023 09:31:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 56A5 179 KB
56 KB 170ms
158ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:49 GMT

GET
H2 200 container.html Show response
d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D0E 6 KB
3 KB 136ms
133ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Tue, 25 Jun 2024 03:55:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame D001 236 B
307 B 1481ms
1481ms Document
text/html 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 218
cache-control: no-cache, max-age=0
content-encoding: gzip
content-length: 192
content-type: text/html
date: Mon, 26 Jun 2023 03:52:12 GMT
server: Lego Server
vary: Accept-Encoding
x-cache-lookup: Cache Miss Hit From Inner Cluster Cache Miss Hit From Inner Cluster
x-nws-log-uuid: 15640255804251254106
x-page-speed: 1.13.35.2-0

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame E81E 125 KB
48 KB 141ms
139ms Script
application/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

Google Tag Manager /

Resource Hash

395c06dc560b79032e4bde085a826c58db346eb4c623689927435700c4dca6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ Frame E81E 3 KB
2 KB 162ms
162ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1687751749958&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&value=0&bttype=purchase&us_privacy=error&auid=1312455546.1687751746&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9c05c7371cdf3c451b8a2cdf90e6ac6b8678682606c1edaca2705f926cc9ddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1686
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ Frame E81E 3 KB
1 KB 160ms
160ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1687751749971&cv=11&fst=1687751749971&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&us_privacy=error&auid=1312455546.1687751746&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

c709e2d463c6d880d28797529cff150f9f30659c9afe93c351273f239da3a00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6066-d50250a536141f89d39a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 37 KB
10 KB 131ms
131ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:12:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 0
etag: W/"648a7d31-95e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5384994200556563662
accept-ranges: bytes
content-length: 9981
expires: Mon, 17 Jul 2023 10:12:49 GMT

GET
H2 200 905ababb31917acf0113.css
s.isanook.com/sr/0/_next/static/css/ Frame E81E 47 KB
13 KB 131ms
131ms Stylesheet
text/css 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/905ababb31917acf0113.css
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6573600e0b8e8846b336b6bdd25cf29487f066ed5960befe0a17e9a1d74e6081

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:23 GMT
server: Lego Server
age: 0
etag: W/"6492a403-bc92"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14141854138270982338
accept-ranges: bytes
content-length: 13298
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H2 200 165-175f1657a2ec88c9f4dd.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 19 KB
5 KB 132ms
132ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/165-175f1657a2ec88c9f4dd.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f2e467708bf33042629c5ea99418aeb1c3026a41851f320d6dd309c26b667ed

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:28:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 19705
server: Lego Server
age: 0
etag: W/"6492a401-4cf9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 13492510302604736504
accept-ranges: bytes
content-length: 5113
expires: Fri, 21 Jul 2023 07:28:24 GMT

GET
H2 200 741.14cc4ed0facf93e50925.js Show response
s.isanook.com/sr/0/_next/static/chunks/ Frame E81E 16 KB
6 KB 133ms
133ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/741.14cc4ed0facf93e50925.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-85ef46c5ff52500835f2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5254ef619ea505e932d4cd0a9a1e4bb2b9520dfde31099e8427b491b3b9dad87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:23 GMT
server: Lego Server
age: 0
etag: W/"6492a403-3e5c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5731844198217692357
accept-ranges: bytes
content-length: 5627
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ Frame E81E 25 KB
10 KB 591ms
590ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
ETag: W/"5fb26696-62be"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 26 Jul 2023 03:55:50 GMT

GET
H3 200 AGSKWxVn405-UzCYtNfzzIU5iKFwvl5GC9uSat4hDZ5wO25d-JV23upmCP4RBts6lsbW36GAX9HMUEoDcxck13f34MNqK3oF4Xc0EYq4VYZHbd_r7vw2IK6qXFBCR5EjHLUTzahpZotYCQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 176ms
176ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVn405-UzCYtNfzzIU5iKFwvl5GC9uSat4hDZ5wO25d-JV23upmCP4RBts6lsbW36GAX9HMUEoDcxck13f34MNqK3oF4Xc0EYq4VYZHbd_r7vw2IK6qXFBCR5EjHLUTzahpZotYCQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3NzUxNzQ5LDk4NzAwMDAwMF0sIjRFRDc1NTRGLTg0RUItNEMxQy04NDlCLTUwRkNDMDNFQzY3OSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vd29tZW4vMjIwOTQxLyIsbnVsbCxbWzgsIlY5cno4bmQ3ZkY0Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

44a0f6210e62103c05248a08250ac37eabc1754f9026ec92fce09ff32c2b465a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HZvHa73lwQRG2kK5JjD_ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-HZvHa73lwQRG2kK5JjD_ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ Frame E81E 8 KB
4 KB 138ms
137ms Script
application/javascript 2.22.155.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.22.155.137 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-137.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.20.2
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1290928
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3217
Expires: Tue, 11 Jul 2023 02:31:18 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 8E15 422 B
404 B 159ms
157ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1687751750007&uv=3290&tms=1687751750007&abt=nonrv_vA!tbt_player!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0ac5b0a4-2000-4d6a-84b3-6815e4adb8f4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 149cc475b3e47b0387d2f935c6e5702f1dd02d9e11044065dd6aa2bec35d6e50

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 26 Jun 2023 03:55:50 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510039-SOF
x-timer: S1687751750.071645,VS0,VE34

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 153ms
145ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&cmcv=&pix=31589837&cb=1687751750006&uv=3290&tms=1687751750006&abt=nonrv_vA!tbt_player!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1687751742857.2!ts:1687751750006&mntl=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-length: 0
server: nginx

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ Frame E81E 6 KB
1021 B 139ms
139ms XHR
application/json 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3254293f9829d2f07914f43cca12765b51a8dd31dbcd6a9efe69f8d8cfbd364

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
last-modified: Sat, 24 Jun 2023 01:24:38 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: max-age=146589
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 619
expires: Tue, 27 Jun 2023 20:38:59 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E81E 78 KB
26 KB 160ms
159ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c05b6abc4dd93848694fde2d42919715251e9be993e929072131a4a7330ee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26634
x-xss-protection: 0
server: cafe
etag: 480 / 19534 / 31075547 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 697E 0
0 189ms
189ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvigX5NuAqKDD9WJeODI0kTCWYu4KdUoIDDZiA5WiQSd4igTzdNunRV8updtDdNCTpzbhQbhK1b63vffvh9ZHRHCUrw5fgmdfpNF105BMI9IngsNS7MErZChSlaOJx-g20kCIbzCNZS4TJXPQewmaydtlCNstvQVpdiTgY8o8-Ta1d1eEAciu3rqc_tVXGaeZUnhQQFIOLEs7WieVi1xMyIxasYwQoSCQnOedXe_jYk37tl_BtaXC8H0ZrDWpiZ5OlB_AuWO4ZuZJ96k4v25YurKj6w8sVdw_pNE0XxsgEAtd1ySruK5M9dvDsdMMMnb_ujYBaOZ0n35P-x9dCqdlAl-M709_QcfbbLxCo7P5R21pwOzw&sai=AMfl-YSp0RJjfeM3pzcm3ZcJtw_KdguMzTLucqUsZab7CTPLtwMX1bDDtf2iU5rcHvt3NOmCLrrqqXpP7niWdAvcG3Jg11bts5kzuAihXi5QBtqtuhJPp2dAmNSghSdO3Y5wtVtp8ls7EwAGHIKR1vw5IG8&sig=Cg0ArKJSzOXKokLoXeO_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 697E 22 KB
9 KB 515ms
207ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 18:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 697E 3 KB
1 KB 509ms
201ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 697E 179 KB
56 KB 182ms
181ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H2 200 o_1gqg7713tf9asg1mu4u1f1le5i.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20230302/ Frame 697E 431 KB
432 KB 2477ms
143ms Image
image/jpeg 43.152.29.14
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-as.fsanook.com/files/uploads/ads/dfp/20230302/o_1gqg7713tf9asg1mu4u1f1le5i.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.14 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: baa62ae304986bf9bcacbc0a2948975c05850f217240ee26c8f1ff968a69bd42

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 14:37:22 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 02 Mar 2023 03:52:52 GMT
server: Lego Server
age: 0
etag: "64001d94-6bb42"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 4270950596920991629
accept-ranges: bytes
content-length: 441154
expires: Tue, 18 Jul 2023 14:37:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 697E 0
0 139ms
138ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPg62qABP_ndtQQwrx_weLaidt1kz8DvupmF7lAbNcejMZtc5Gzi9Z1EIjDP8uMAOeQrZJhDk0jZ68-ZWPz--WjmuBIg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 697E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53fb01dd0164dfe68e4a14a16f5b3e4a034238c7429889d16dfb65cdd8fab8b2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6917 6 KB
3 KB 131ms
130ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Tue, 25 Jun 2024 03:55:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A12E 0
0 173ms
173ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0kMUu93MNtyBSgYuPtHiERiTeGXUSM7_EjkM-krb1jeshmTYoC4jNLxuQwKNtU5fl66Y5rS5IsI18JcbP21IjqevIR4J-vPxvZHPXDwgtGz7bWNTKXxbw6gpW-MBEUHIXVGBFTgnEbcrbSpAkxtZ7zw5zNSsvJ0mEK1q4Ce1joVjHiTbKEzskof1hVxPCokk2aCBw1667KQhTy1Zl4TgTZ8IoTnnk_61fY0d0pS1duP7FpqQ4w1ElNyOdniDdUckHX9zQEcw4etaAnm-jqcjyWZSIDQReUhzqk776-4RfTj18sHeUiVkTTkSeZVUWIj9SHl_j4sN7b1sLkt37ObVwpQi4ZIzxTOUvjPnOWw&sai=AMfl-YTl_gpjqLsMyIuaNXwoAUN_I_OP-f23E7zYF5Ci7A9esRkhahiSKTgg2BftWXLL_2WUmTovSkh9lAaB-tBuLYIfexBgiL1wh1aREt4fPNHHiLBzyQqXzVuNpf_XhLkdZG3W9gpVhtXggS_E11LWsg&sig=Cg0ArKJSzOIiwJY4GqnsEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame A12E 22 KB
9 KB 480ms
225ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 18:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame A12E 3 KB
1 KB 499ms
245ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A12E 179 KB
56 KB 226ms
223ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H2 200 o_1eu2h4lre9sijg0k8d12mb6gjd.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20210209/ Frame A12E 118 KB
118 KB 2541ms
259ms Image
image/jpeg 43.152.29.14
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-as.fsanook.com/files/uploads/ads/dfp/20210209/o_1eu2h4lre9sijg0k8d12mb6gjd.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.14 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5d027b6bfb5b21a1c2b1dd0a73dbeb1298bd6130bf4f9c9001ba79e2555fb28

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 02:41:44 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Tue, 09 Feb 2021 04:34:43 GMT
server: Lego Server
age: 0
etag: "602210e3-1d831"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
x-nws-log-uuid: 8563037627090852707
accept-ranges: bytes
content-length: 120881
expires: Fri, 21 Jul 2023 02:41:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A12E 0
0 141ms
140ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4CrGPIuaRBVNo-hXIpDXOsacQDaO7CyX2OC3I9qjNtFAi36sGj19XujH-uXNpFdYO1zKBptBaaQ6P68O-I2mz7jNXRQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html Show response
d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5380 6 KB
3 KB 139ms
138ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:49 GMT
expires: Tue, 25 Jun 2024 03:55:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A12E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e4c0b6a5e7ceccf3ffa1114a3192a528d1b4033658c0493b9b8beccb581335

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sync Show response
am-match.taboola.com/ Frame C6D4 439 B
524 B 162ms
152ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 1fa2366a889f680dcbc1e269b5c5046842af9078df3106d7be8a29c1b397740a

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 26 Jun 2023 03:55:50 GMT
machineid: 3407
server: nginx

GET
H2 204 b
sb.scorecardresearch.com/ Frame E81E 0
319 B 143ms
143ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687751750233&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&c8=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%E0%B9%86%20%3AEmbed%20Video&c9=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: KMBua4R2lj7v0gvGvYb4doUJE5k92lpAq1DyR2DR5Vr9uFioQ9r6cg==
x-cache: Miss from cloudfront

POST
H2 204 bulk Show response
trc.taboola.com/sanook/log/3/ 0
426 B 330ms
330ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sanook/log/3/bulk?route=AM%3AIL%3AV&lti=vis-state-roll-disabled_ctrl&bulkSize=12
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 114
date: Mon, 26 Jun 2023 03:55:50 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 94289
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-sof1510039-SOF
pragma: no-cache
server: nginx
x-timer: S1687751750.380567,VS0,VE114
content-type: image/gif
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1

85 B
202 B

282ms
246ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ef940b8a82212c719d5e6773f6300182c562347e486fc6c355476af17fa0087a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-XgRPBeuqFaPaVd9YdscMckTOUZg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 26 Jun 2023 03:55:50 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.sanook.com
location: /esp?url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 8E15
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896

0
64 B

216ms
212ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1687751750007&uv=3290&tms=1687751750007&abt=nonrv_vA!tbt_player!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0ac5b0a4-2000-4d6a-84b3-6815e4adb8f4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 varnish
x-served-by: cache-sof1510039-SOF
server: nginx
x-timer: S1687751752.607452,VS0,VE94
x-fastly-to-nlb-rtt: 92090
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 8E15
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A

0
230 B

185ms
149ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1687751750007&uv=3290&tms=1687751750007&abt=nonrv_vA!tbt_player!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0ac5b0a4-2000-4d6a-84b3-6815e4adb8f4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73499

Redirect headers

date: Mon, 26 Jun 2023 03:55:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A
content-length: 0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 8E15
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=899a20bf-5e43-4182-9f5b-3c7dccf63804&ssp=taboola&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

0
231 B

144ms
143ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&cmcv=&pix=undefined&cb=1687751750007&uv=3290&tms=1687751750007&abt=nonrv_vA!tbt_player!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0ac5b0a4-2000-4d6a-84b3-6815e4adb8f4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73480

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 26 Jun 2023 03:55:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
690 B 701ms
700ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1687751750314&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=134538391&pt=-1354455745&tz=0&viewable=true&ddast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=nonrv_vA!tbt_player!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f24144d2a5d74b60d92c39538d244d619bab0e0b3cf28780f0455c4c6f09a3e

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1446
x-cache: MISS
x-served-by: cache-sof1510039-SOF
pragma: no-cache
server: nginx
x-timer: S1687751750.387279,VS0,VE559
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3D0E 0
0 184ms
184ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_cJnRQyZZOLEF5-17_UP5c6SUKPQ5tRwyfjB39YQwI23ARABIABgjfLSA4IBF2NhLXB1Yi02MTY3MjM4NzEyNzI5MDMyyAEJ4AIAqAMByAMCqgSNAk_QTpU2zGof29Mw1JTPn-6GAZw87gPNbscsCS5G0otl-0gTZXYGQ8pywF4H4zhVZBqZTLmb54Z83dlbtFuFJuhzDEPepiYCpOCymBFrxBbnvbgTd8hk3AUoB3UUGCmAyFxA8EQvDnre6hyXPwlN6WSCkJAIIimFJbP0Bl9XDGQzsUYKuC4NQ6DOVMYsarY03k9gwW4PtUw50Uz4lIJtBdEerOpnOIlCbQ9hSIV-fXA9RcIQq6gOOnvCLAwLgWqu7nbNczA0xckORqnQflXWh8eiVr0lF07_KNol2DIzsoNkCiTizIvYgkbku4xDjYBID782QUsvKmrot6EztLJ0Pw6ouh6mwi6MSvN92C_M4AQBgAak_NHPn8jYwBugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02MTY3MjM4NzEyNzI5MDMyGPeBEA&sigh=QvKhnumvUYI&uach_m=[UACH]&cid=CAQSTgBygQiDt9XT_z-Wx_hRNMK7mpcmYMeUbRQWS4CGqZ0Ruov1w5WfvMc1FRei9FUimcaFVvMuz0UlzsqwJGu7JvTQlB2vLBOYACGZjsYq-RgB
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 doubleWin Show response
win.eskimi.com/ Frame 3D0E 43 B
99 B 538ms
148ms Fetch
image/gif 130.211.27.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://win.eskimi.com/doubleWin?eid=2&w=EiEKFkFUa2FPOElHRDFGYzBjaWNFT3RqNmcQAhjo3t-ujzEYBSCAnL_fBTEfhetRuB7FP0EpXI_C9Si8P0jL97LyRFjbkQpoAnDYnwJ4grUpgAEGmgEbQ0FFU0VMdWU2WHBidTRiUXM2dGVyNDVsbHBnogEbQ0FFU0VMdWU2WHBidTRiUXM2dGVyNDVsbHBnqQHy0k1iEFjJP7IBESACOgd0YmlsaXNpQgJnZUgBwgEmCAIQzPpAGMrf6f8GIAEox4UBMAU4CFiZtEFoBHABeAKIAQGQAQHKASBmMzRlOTY5OTVkZGYzZmY1ZWIxYmZkZTEzOGNmZTI5Y9gBge_qi6Lm0umWAeEBAAAAAADAUEDqAQJ0aPAB3wyAAgE%3D&esc=false&spent=ZJkMRQAF4mIIu9qfAASnZVTEOLRlQFPiOHsjZg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.27.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 style.css
dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/css/ Frame 3D0E 4 KB
2 KB 559ms
160ms Stylesheet
text/css 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/css/style.css

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

c46acc09443d7466e26efd2eb3993d5198bbee208e3f8f85aafc8ee6266888e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 21:56:30 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1047
cdn-cachedat: 02/28/2023 21:56:30
cdn-pullzone: 692289
last-modified: Thu, 08 Dec 2022 11:43:25 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6391cddd-e53"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6904f8256812785bcd2305f8aa839866
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Draggable.min.js Show response
dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/js/ Frame 3D0E 36 KB
15 KB 754ms
356ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/js/Draggable.min.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

fe3f7794bc945b1a644b921564ace0be833c472cd156fc98ecae3ab3e3732620

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 21:56:30 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1049
cdn-cachedat: 02/28/2023 21:56:30
cdn-pullzone: 692289
last-modified: Thu, 08 Dec 2022 11:43:25 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6391cddd-8f95"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f8f9390ed320aa0ad613eb5c35990357
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 TweenMax.min.js Show response
dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/js/ Frame 3D0E 141 KB
40 KB 573ms
175ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/js/TweenMax.min.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

ce51cfdb7249f9a7e8c969c6dfe27aa51545fca9a692dca2ab9b36907f402ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 30 Apr 2024 14:48:30 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1048
cdn-cachedat: 05/01/2023 14:48:30
cdn-pullzone: 692289
last-modified: Thu, 08 Dec 2022 11:43:25 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6391cddd-233c4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f88d3c2dc48b8ee0a036b4aacf6e7438
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cap
dsp-trk.eskimi.com/ Frame 3D0E 43 B
162 B 531ms
145ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/cap?id=CAESELue6Xpbu4bQs6ter45llpg&dc=5&tz=%2B04:00&sgid=18493520843&pid=1878683594&cid=166107&crid=1071641
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 drag-icon.png
dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/images/ Frame 3D0E 4 KB
4 KB 755ms
358ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/images/drag-icon.png
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: a36082e197b71679f6d96df8cb3ee52c9122215b5cc08c0da6b224a905b2806d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:50 GMT
cdn-edgestorageid: 1054
cdn-cachedat: 02/28/2023 21:56:30
cdn-pullzone: 692289
content-length: 4102
last-modified: Thu, 08 Dec 2022 11:43:25 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6391cddd-1006"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 286ab665aedb79ea6acec6b374551fbc
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Wed, 28 Feb 2024 21:56:30 GMT

GET
H2 200 code.js Show response
dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/js/ Frame 3D0E 14 KB
5 KB 752ms
354ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/3d_triangle_templates_v2/728x90/js/code.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

ed066772097670e2a506f803ad669d07000d59d64f596416ef5349c09516d170

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 21:56:30 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1049
cdn-cachedat: 02/28/2023 21:56:30
cdn-pullzone: 692289
last-modified: Thu, 08 Dec 2022 11:43:25 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6391cddd-36c0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: cd301101dff83a44e9abccff6971a9f6
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ad-choice.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 3D0E 3 KB
2 KB 752ms
355ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.9

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 15 Jun 2024 07:16:58 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1054
cdn-cachedat: 06/16/2023 07:16:58
cdn-pullzone: 692289
last-modified: Mon, 14 Nov 2022 14:24:28 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63724f9c-bdd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a2e29bfd44d12394a1c7369f41415af6
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cellularTracking.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 3D0E 803 B
1 KB 754ms
356ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/cellularTracking.min.js?v=1

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 13:19:14 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 01/05/2023 13:19:14
cdn-pullzone: 692289
last-modified: Tue, 18 Aug 2020 12:41:28 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"5f3bcc78-323"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9fc4fb8d87c1730b468c97131cd5883e
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 utr
dsp-trk.eskimi.com/ Frame 3D0E 43 B
100 B 531ms
146ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/utr?coId=CAESELue6Xpbu4bQs6ter45llpg&e=2
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 bctr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 3D0E 1 KB
1 KB 752ms
355ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/bctr.min.js?v=1.4

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

993eff878baaac385889e2599c9b0f03e76b966ab37816f7c71bc3a236190fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 23 May 2024 14:29:21 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1076
cdn-cachedat: 05/24/2023 14:29:21
cdn-pullzone: 692289
last-modified: Wed, 24 May 2023 14:13:54 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"646e1ba2-4b3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6d8fb2dc7550210b1a821bdf4b906bbe
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 3D0E 3 KB
1 KB 254ms
202ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 3D0E 19 KB
8 KB 189ms
138ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3D0E 0
0 141ms
139ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaNDQ_GFwe4dF2Dnn7nK_XVgzeeZQWKrZmSj2-blrMTrzSlTMix2v08Ci-9SaPSRDlJAmQdIIu9DZnqeAX7La716um_Q
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3D0E 24 KB
7 KB 195ms
144ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D0E 179 KB
56 KB 203ms
201ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
323 B 525ms
147ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ Frame FA44 393 KB
125 KB 136ms
136ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 07:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74052
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 24 Jun 2024 07:21:38 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame FA44 6 KB
1 KB 148ms
145ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

cdff804a874ca5ecf67d2f6c6605826044354c0f24e2e9f20f95c32fe17aa69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 931
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame E81E 0
18 B 155ms
154ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&rl=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&if=true&ts=1687751750383&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687751745900.417076920&it=1687751749513&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Jun 2023 03:55:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
612 B 565ms
179ms XHR
application/json 54.229.146.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.146.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-146-125.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fed4a76c58f91d89cb593d6ccd9e79e8669b6d02365bd3fbecaec79412d2210b

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.23.58
access-control-allow-credentials: true
content-length: 156
expires: 0

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 426ms
145ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.sanook.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 26 Jun 2023 03:55:50 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: e62598e3e39426375553f79fd18f4ed9

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 209ms
179ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d72ee5d0b0a79dee19ae7b15abfdb7c30e17a5f1a1f9d1b4cdfcef70b0b46021

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: b95541ef4df4c49fbd892a4039a91c13
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5455 624 B
242 B 169ms
169ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEJip0sIEGJ_h7OgBMAE&v=APEucNVnPTX7mty5n0n2j60DTgr_Mx1RWPGBFJmyf4RiuCpNmL4YavLQ4MwbP1lQ1j60t9HiNwA5FazJnoBsLB9l0iTzk5fVBA

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 6917 22 KB
9 KB 471ms
124ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:35:35 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 6917 7 KB
3 KB 497ms
150ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3046
x-xss-protection: 0
server: cafe
etag: 8710410791850112160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:37:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6917 0
0 529ms
181ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTy2CJ-dXTIja_ptrhL-RSO9yKuvX1KQc8jV-OfkO39q4ruHxk5mAmXCCEP3XtLn7gvglm6Wa8CCmPXyJe2vqJFqYWbnl2G7EAP5gnHdO3RWrASnjs_T9FhfHjaTUcZcLA7eZIwd0HgWO2J_9RSKcY1Owah0ueDkOXVAjOmKFcj-LzugKoGaduHBzmZq0qBBWcRl0gKMuTQGaKXT0QIFJXa6T9KzvZHCaYGqOVTP1FJ0ZcNiOnfADEcmaUNuxzKnBGrt_DjAVj8LPcv49SOLHmf63NuW2upc9BWviRXyHJ3BhFyhfTwGidMHSQlaBNWXUrEdgoyShPpmREz6isZEtS3BjUnJrMxCGwDoFGZy9XcqiHk-ViTV9bdTgF8lpIqfhlaNTSKr7UfOOawfB0OEaFibpH-RRHMBrfVYGXcvUxri-lSbzgIlsN0WBXS97ig2ktel9B0dHzPAxwidIEkYqhkdY9CVXeukp4LocrLb9MSyzDpuwQOm9DbpDv4Lr45at4wvdfEXLWXnTZxydHVzgfNOWw9AbpgrwUXMH8CCeilWECh1FUmvAUBqMrHRESNCvh1picmlEeYt5no54NFqUcYQ-U90E4r05pxvyM48MPv8QeUdT380cgYD4eXAF_skD290Aks70LPA3szdFWYlpJNuAg39q-oSTXPGSKW0Oc5YhCeArcqgmQcswHO_CMtbLHewMPmghck6rnKu1bI5gSideVfC4zYfkD50tud80qWCxq6UjKOKOXnQZxzq4D58hMN5PFrAD95seYxpxwj99pKEt0wAkEG96zsCNltjvW2nIjaFKhPGOzP5gptJylV-md-t7MDKQNKTgJVRLERU8R5bnyS0kJbSiXSJYtnecVnbA5C0dQPL3qqiv-vuyrH3ynjisCYcT9g4_b0Y944ziaEm6V471GesTZjuXjztFcJpGE-xEo89BVZDN-4uFEv8UB-BZhooGQrrxuRb1qe-Vaq6rE5rnsG3cwgASGehXa13GF1OVpq7dD7XsVS9THMNDggX-JCVugrtqJf85_psYMHLoW0EeGpLpSEogeYuMH_otxVlsolQYBxdzqlKKrb_4syKdVxL6MSLV4cUwElbXCgkZqKffSHLJLYa9QGLZadnkIRmSpM91JQyA3vJtEy_1yBG6EG-vjXENJ&sai=AMfl-YRh-bqe1bhQD2AO3k6CqSUl8K0Jmrbhq-JFKyRU3ITcJkt5oLXVye2bbCK46llDuWJGnTtXA7yWQ_oyY50pyXdjhvTipM6i4rY1GB_f766J5p29CTGRAPYxo-DdsT4twsoGxHQIC0dPCn8fQ5gm1nwcwmaKJESR2u4B_UYqU-335BJpayIjegL5bnOff-vLUmDmYtXQmyVrMk8vS4UiQKAzypZ7_Fti1QcwfsI8d6I0b0R1JYKWuxbpgERwTbbv3m0Lun_WWYD-vOpOjCLInb6VA5pZbqtfd1sC4V7MhNsDJ4b4iGAGa0rtVpqLueXcAHhht3onvtQ0QXjYWa4n-1Z9twvkA0_lsaGqyrZUELI-263Gbt4lpa-l5pAXuizhmLa3yiu_7drQ4wwbrC4rot19yFNGkC5LLArb13QJaRDOKNNj1ifY8G8PlxVRgJ2tK-i7B2e67vdMEna-phwCmr1LJjHvX3-uNAutYw&sig=Cg0ArKJSzOrh5j_WiyOQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230620.34634&arae=0&ftch=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 26 Jun 2023 03:55:50 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6917 41 KB
15 KB 153ms
153ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 6917 3 KB
1 KB 184ms
183ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 655F 1 KB
1002 B 465ms
123ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 32324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 18:57:06 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 18:57:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 6917 19 KB
8 KB 188ms
188ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6917 42 B
173 B 503ms
161ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSHxDh57ffcHs34x1oXeC0bKjtzgAemLQnltbkWuJftIkKIMedtReiOo6svWU9Cx52LM9-vu6aYqoKbkVBFLmp9x4mdqVOZA9ttObLdO5a-6CsxNY

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6917 0
0 171ms
170ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSh2uAUPcA0YlWsH9Eek6Q2h2WgRv0X0HUiIu8Vq6RP-Hb6FDn54ZxMxQM-MHtrdD8TwqzGRUvD6mUFr55eokmPLG97IQ
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6917 179 KB
56 KB 228ms
227ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H2 200 16451595124716502134
s0.2mdn.net/simgad/ Frame 6917 269 KB
270 KB 607ms
160ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16451595124716502134

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

35a828dd56a2083f21de2853969329e7afdc4fb20c30f1ca102872855d5c29c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 12:45:40 GMT
x-content-type-options: nosniff
age: 486610
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275802
x-xss-protection: 0
last-modified: Wed, 03 May 2023 11:17:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 12:45:40 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E81E 52 KB
21 KB 215ms
214ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Jun 2023 03:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3069
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 26 Jun 2023 05:04:41 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C6D4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896

0
264 B

215ms
211ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 varnish
x-served-by: cache-sof1510039-SOF
server: nginx
x-timer: S1687751752.607446,VS0,VE94
x-fastly-to-nlb-rtt: 93053
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame C6D4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Jj.5AaVE2oRzDqLcg9SRfgIpRLI7carq3Z3UVQ--~A

0
230 B

184ms
147ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Jj.5AaVE2oRzDqLcg9SRfgIpRLI7carq3Z3UVQ--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73499

Redirect headers

date: Mon, 26 Jun 2023 03:55:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-Jj.5AaVE2oRzDqLcg9SRfgIpRLI7carq3Z3UVQ--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame C6D4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-S07i3ppE2uFrIe2DseWwgUNw4wqt7y.x~A&gdpr_in_effect=0

0
230 B

144ms
144ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-S07i3ppE2uFrIe2DseWwgUNw4wqt7y.x~A&gdpr_in_effect=0
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73493

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-S07i3ppE2uFrIe2DseWwgUNw4wqt7y.x~A&gdpr_in_effect=0
date: Mon, 26 Jun 2023 03:55:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 videojs.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame E81E 545 KB
164 KB 183ms
140ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 93191b26f0c23a09a2fabf5e0d71815caab853f55f7ffd3d9b053d7703fadfec

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-88408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 459912855416968328
accept-ranges: bytes
content-length: 167762
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E81E 361 KB
120 KB 184ms
150ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H3

200

/
www.google.ge/pagead/1p-conversion/1007499765/ Frame E81E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww...
https://www.google.com/pagead/1p-conversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2...
https://www.google.ge/pagead/1p-conversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F...

42 B
64 B

162ms
159ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-conversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&value=0&us_privacy=error&auid=1312455546.1687751746&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fcENfRzItbkhMT1l5eGZWbTFNOXRxck5fMmx0LW92cW1NaW1nS0dRZjZHM2otSlk0VVBHMUI2dyITCJeEn5yF4P8CFTfluwgdVJADyw&is_vtc=1&ocp_id=RgyZZJfJArfK7_UP1KCO2Aw&cid=CAQSKQBygQiDkHwR3Me9vXEeJRb1WKG8nbHhaNGkZt50CLxr9B_QQjNObyV3&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E9Qrf7CojPW4KBF5E_BYZnpTNQBsT-Q-rY&random=2233665875&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ge/pagead/1p-conversion/1007499765/?random=1668127239&cv=11&fst=1687751749958&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&value=0&us_privacy=error&auid=1312455546.1687751746&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVlBcTlpUmh6UTRjajFRbGthYm9ZbXdOa1BtUmhOTXd4Um9hM2FYaHBoaDVJeW9YdE9tVmcaWkNoRUk4TXZmcEFZUXlNS2pscEdOOV9YaUFSSXVBQ0dlaU1fcENfRzItbkhMT1l5eGZWbTFNOXRxck5fMmx0LW92cW1NaW1nS0dRZjZHM2otSlk0VVBHMUI2dyITCJeEn5yF4P8CFTfluwgdVJADyw&is_vtc=1&ocp_id=RgyZZJfJArfK7_UP1KCO2Aw&cid=CAQSKQBygQiDkHwR3Me9vXEeJRb1WKG8nbHhaNGkZt50CLxr9B_QQjNObyV3&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E9Qrf7CojPW4KBF5E_BYZnpTNQBsT-Q-rY&random=2233665875&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/408516141/ Frame E81E 42 B
64 B 203ms
183ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1687751749971&cv=11&fst=1687748400000&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&fmt=3&is_vtc=1&random=894925574&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ge/pagead/1p-user-list/408516141/ Frame E81E 42 B
64 B 206ms
186ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ge/pagead/1p-user-list/408516141/?random=1687751749971&cv=11&fst=1687748400000&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=1&tiba=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20&fmt=3&is_vtc=1&random=894925574&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5DCB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee416499-0c47-4900-9866-75ceeafb321f&gdpr=0&gdpr_consent=

42 B
405 B

1574ms
152ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee416499-0c47-4900-9866-75ceeafb321f&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 26 Jun 2023 03:55:51 GMT
Expires: Mon, 26 Jun 2023 03:55:50 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master zrh zrh-pixel-x27 config_version:"1524"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee416499-0c47-4900-9866-75ceeafb321f&gdpr=0&gdpr_consent=

GET pubmatic
d5p.de17a.com/getuid/ Frame 74C8 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A14E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

1723ms
150ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:50 GMT
expires: Mon, 26 Jun 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 926933
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A24F
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084925828741246

42 B
196 B

146ms
146ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084925828741246
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Mon, 26 Jun 2023 03:55:54 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084925828741246
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 7B25
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

337ms
337ms

Document
image/gif

67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Jun 2023 03:55:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 9ZNZ4ARPH7S24CX2TWCP

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 26 Jun 2023 03:55:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: B4BB8MYE2EW780QHMZKJ

GET p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame 8AB4 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F5DA
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8739825237432947340&gdpr=0&gdpr_consent=

42 B
300 B

149ms
148ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8739825237432947340&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 37dfcd21-5817-4435-b9b4-e5b93fa91c4f
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Jun 2023 03:55:55 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8739825237432947340&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AE77
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7248838604383385740&gdpr=0&gdpr_consent=

42 B
301 B

147ms
146ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7248838604383385740&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Mon, 26 Jun 2023 03:55:58 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7248838604383385740&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 0CAF
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMWYwN0pNaGtBQUItcjQtVHlSUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC1f07JMhkAAB-r4-TyRQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2461878853718764298&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAaCk7JMhkAACA-NRli0w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2461878853718764298%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2461878853718764298&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAaCk7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAaCk7JMhkAACA-NRli0w&gdpr=0&gdpr_consent=

42 B
280 B

146ms
146ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAaCk7JMhkAACA-NRli0w&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 26 Jun 2023 03:55:59 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAaCk7JMhkAACA-NRli0w&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C973
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HyGEDPYnWDFb8hkcmLqXflvvztU&gdpr=0&gdpr_consent=

42 B
383 B

147ms
146ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HyGEDPYnWDFb8hkcmLqXflvvztU&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Jun 2023 03:55:58 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HyGEDPYnWDFb8hkcmLqXflvvztU&gdpr=0&gdpr_consent=

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 30DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=t7dhQFaGRce9ss46NZA94A%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

135ms
134ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=43387
accept-ranges: bytes
content-length: 5554
expires: Mon, 26 Jun 2023 15:58:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 30DF
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=&ct=y

49 B
264 B

166ms
165ms

Image
image/gif

54.155.201.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 54.155.201.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-201-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.9.2
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.45.15.31
content-length: 0
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame 30DF
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2190605136

0
46 B

144ms
142ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2190605136
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:57 GMT
via: 1.1 google
last-modified: Mon, 26 Jun 2023 03:55:58 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:57 GMT
via: 1.1 google
last-modified: Mon, 26 Jun 2023 03:55:58 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2190605136
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame 30DF
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B7B76140-5686-45C7-BDB2-CE3A35903DE0
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzQ4d2pDVFU3T1JRdWV2MS0tcEgzcDFvZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=976055358127449841&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

223ms
222ms

Image
image/png

54.84.97.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 54.84.97.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-97-211.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjdCNzYxNDAtNTY4Ni00NUM3LUJEQjItQ0UzQTM1OTAzREUw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

697ms
147ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWRv0GZWp5Q9lfvJtOlbtY&google_cver=1

42 B
530 B

696ms
147ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWRv0GZWp5Q9lfvJtOlbtY&google_cver=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWRv0GZWp5Q9lfvJtOlbtY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 30DF 43 B
614 B 7828ms
209ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 25 Jun 2023 03:55:58 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=976055358127449841

42 B
241 B

1285ms
153ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=976055358127449841
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=976055358127449841
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e7202d9-6874-499f-945e-f77f754f1896&gdpr=0&gdpr_consent=

42 B
396 B

1294ms
153ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e7202d9-6874-499f-945e-f77f754f1896&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e7202d9-6874-499f-945e-f77f754f1896&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KcqwIcFE2uWTWgYzWDzyWQsfElqLC.E-~A&gdpr=0

0
262 B

3778ms
212ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KcqwIcFE2uWTWgYzWDzyWQsfElqLC.E-~A&gdpr=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KcqwIcFE2uWTWgYzWDzyWQsfElqLC.E-~A&gdpr=0
date: Mon, 26 Jun 2023 03:55:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 B7B76140-5686-45C7-BDB2-CE3A35903DE0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 30DF 43 B
601 B 169ms
162ms Image
image/gif 3.251.46.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/B7B76140-5686-45C7-BDB2-CE3A35903DE0?gdpr=0&gdpr_consent=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.251.46.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-251-46-15.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjImOSkBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEFhlwzIT1RHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJGMzNGJmYmU1LWQzYzgtNDIyMC1iYjkwLTg0YTllODU2MDE1Mg**
https://x.bidswitch.net/sync?dsp_id=476&user_id=5865c332-13d5-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=c34bfbe5-d3c8-4220-bb90-84a9e8560152
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=&gdpr_consent=&gdpr_pd=

1 B
185 B

146ms
146ms

Image
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=&gdpr_consent=&gdpr_pd=
date: Mon, 26 Jun 2023 03:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cac6b470cb5240e&is_secure=true&networkId=17100&version=1&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM-uDbUM85CwNhGQY6AAAAAAA&expiration=1687838153&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&...

42 B
347 B

147ms
146ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM-uDbUM85CwNhGQY6AAAAAAA&expiration=1687838153&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:53 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM-uDbUM85CwNhGQY6AAAAAAA&expiration=1687838153&nuid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 30DF
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2992603343639734767&gdpr=0&gdpr_consent=&us_privacy=

1 B
178 B

146ms
146ms

Image
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2992603343639734767&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2992603343639734767&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5380 0
0 217ms
206ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7hGQRQyZZMzxJtW8lQfrjrjIDYbK5Z5chIHg9s4CwI23ARABIABgjfLSA4IBF2NhLXB1Yi02MTY3MjM4NzEyNzI5MDMyyAEJ4AIAqAMByAMCqgSEAk_QgiZpcbD4BXAz4_PBhnm7ik8YZrebGkb-rvK93y8MoOG6d4uvHp-Z14_yQ_-zR34ZaJQUZwW212DldlhR--wgCHXLFpGm9kLw32sFksnWOy2wZhm3UYrV0aCgA2-jyEZaytxq4icoxlL5cmBnTUCBriIEVoAvqA9469rUMJb5gVa9X8KYntqOrsAI9fcLRueE1PFuZ-LwKBXZpIMeZo-no0dlAWSaLxzbJKPKbqW1qio7C_G1wjtp57WhN2RDPvHAJU8GphIqXHk2G_LgHF4KuNnEv7BlfDikqUnTrS3JXsqQ-qhgPoovvFDGZtK1mBKnSVFD-f-urG_5I147wDa7WsrZ4AQBgAbUlbycnvf1pUKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02MTY3MjM4NzEyNzI5MDMyGPeBEA&sigh=wwO9y23wJWk&uach_m=[UACH]&cid=CAQSTgBygQiDzWyTx-gmH7a7cEfikGCzcHtPHgejD04Jt4OuiTta_3wAy0H3TNKcetXma3JTgpDZxBKpfHAE7zck12xEYcBZrcIdte2CU4O1BBgB&tpd=AGWhJmtlAT2gV-cOMl0gEj95RYizpxb1EV3XaZ87QoyD0fq19bNduUA3Zqx0NHUEd70HrYMdioiUzyVFkEa8O9e8CUEvSB1E6nNKL5Is_SgoT0DUJLLZn20784XyeKmOEFI7dUdsyCwccXhkxFOZktb14egXarGFqG9DBhvjs-eLeBhbSKFiCjrjb14dzml1u0BHLWjn0Vd3ukcSFc6-wao70rr3T0yg0udUXod2zDEK00RKQwDNMoxHPvNgY-QVJZAUb19ZxXMJvM3bnq7mhBEU7SZ8fuXP9om8sgxU4rLRfO9tvpmkWHF4_lQNrHjrPr4IWGrjoVTDucju__rLRelBGWlWolZeFMkey_wPfZ9bkRrbpCnhRzqBfQYala8RNiWWc7SsSJ2d2aFQiz5QpWyD41YX1SHBSKLSyOZ_WOis5BwStcueOLv0U-bdTkkiLVr72fCcu45N2gRR-OjKPgXCX-hP7s2j_JYeXL6HxuktYshqN1W_kOyGBi81rVZeYkseeAIkGWomo9Cm4fKcwlOgjksVqpa8jwykUtAfOdNyH0cd8BBsVjW4h9Blwr_b8NqisNGX2nkH7FP2IWy2DekEuErQmbcmeHcC1emAL8hCnnJsJEtchH3lmZyRPoT86AjjBPJEOMfH2UvDOBnKD4yGyCxAEvf-lmbLWnAzhhbGWTplBeqxQ1zriADWicou89bZrWT3A4nmHka3elsaGLkKGyET1jOEu2UiHWggktzgNjJ6Z-gfZNUNLeZ9za5P7oNL1ZN4E6prj68H3Pd-5npJ8DsjDjJn9p98mfMULZMJ0n-T7TAmXlWc8HKkZVbwXPJxajhhaJNmX0tOUk0YpHCBvDTgMgA6P5U23WwX2SAAGPp4ihuQdHaJHgNaeFH57Z0ljf8Th-dTUBmemvN2r7RSyvlbk5TAMWzUBH7p8xaqSfVVSd7YCoeP6TH4MoPVrv9-GTz6CONJIcxq9rnSz44-qmuxMF27Ldqm7LHBeBDnB8mXGRNfndphJYrl7vM71P-OFJijL3H1DQfFq-MAF3G6_Xuzgtevj79pFU9s8YEeQGaW7lVhxA
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 mystyle.css
dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/ Frame 5380 852 B
1 KB 284ms
159ms Stylesheet
text/css 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/mystyle.css

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

c7cb5af115c5c13717c8851d2f073bc2265ae6e9203a9436cf079b5f52724e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 30 Apr 2024 15:22:03 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 722
cdn-cachedat: 05/01/2023 15:22:03
cdn-pullzone: 692289
last-modified: Tue, 29 Nov 2022 08:01:19 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6385bc4f-354"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1236012640a074dece92a1017cbcbe7a
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gsap.min.js Show response
dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/js/ Frame 5380 55 KB
24 KB 482ms
357ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/js/gsap.min.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

5998fa965b879fadd348d35630c497b56a001b50cb12435b5e750a647092046a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 21:37:59 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1054
cdn-cachedat: 12/02/2022 21:37:59
cdn-pullzone: 692289
last-modified: Tue, 29 Nov 2022 08:01:19 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6385bc4f-dc43"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e61d00fec4268450f8caab44b85a6b29
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Draggable.min.js Show response
dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/js/ Frame 5380 32 KB
14 KB 480ms
356ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/js/Draggable.min.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

56c670e541dd67c646550b405db58383a296966c35fb1607b6dced9307ce68ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 24 May 2024 17:09:21 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1053
cdn-cachedat: 05/25/2023 17:09:21
cdn-pullzone: 692289
last-modified: Tue, 29 Nov 2022 08:01:19 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6385bc4f-809e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 827c3e1da904b5a2d6df4bb9f5ca4ca6
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 openxWin
win.eskimi.com/ Frame 5380 43 B
161 B 260ms
147ms Image
image/gif 130.211.27.62
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.eskimi.com/openxWin?eid=14&w=Ei8KJGVkOThlZjA3LTYwNWYtNDNmNC05NmI4LWY4MWI1ZWU2ZGJjNBAOGP7g366PMRgFIICcv98FMbgehetRuL4_QcHKoUW2870_SJXx088pWI_uCWgCcNifAniCtSmAAQaiARY2Xy02OTYzMjgwNDQ4MDkyOTQ5MzU3qQEnMQisHFrEP7IBESACOgd0YmlsaXNpQgJnZUgBwgE2CA4QxN6vDRjsguaJBSABKMAkMAU4CFi2hUBoAXABeAKCAQ1PWC1iZWYtUWNmTUZniAEBkAECygEgZjM0ZTk2OTk1ZGRmM2ZmNWViMWJmZGUxMzhjZmUyOWPYAb6Bsaz_tcbdzgHhAQAAAAAAgFFA6gECdGjwAd8MgAIB&esc=false&spent=AAABiPXX8KLkE-0wlSSqwDGUcKjle3MvrROINA&adId=161551&auctionId=ed98ef07-605f-43f4-96b8-f81b5ee6dbc4
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.27.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 code.js Show response
dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/ Frame 5380 10 KB
4 KB 479ms
355ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/code.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

c327099ec717a76d26d1ecdf7a6361aa1f613c05549127bfc45416166dc514bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 04 Jan 2024 07:40:47 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1075
cdn-cachedat: 01/04/2023 07:40:47
cdn-pullzone: 692289
last-modified: Tue, 29 Nov 2022 08:01:19 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6385bc4f-2998"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4ec42d7a6f05d50aa4633e22151948f1
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ad-choice.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 5380 3 KB
2 KB 481ms
357ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.9

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 15 Jun 2024 07:16:58 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1054
cdn-cachedat: 06/16/2023 07:16:58
cdn-pullzone: 692289
last-modified: Mon, 14 Nov 2022 14:24:28 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63724f9c-bdd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4c43dfc6be1cb4df8cdc51b34eacbf95
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bctr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 5380 1 KB
1 KB 480ms
357ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/bctr.min.js?v=1.4

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

993eff878baaac385889e2599c9b0f03e76b966ab37816f7c71bc3a236190fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 23 May 2024 14:29:21 GMT
date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1076
cdn-cachedat: 05/24/2023 14:29:21
cdn-pullzone: 692289
last-modified: Wed, 24 May 2023 14:13:54 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"646e1ba2-4b3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 0518a5b5527d6af30548cbcc14ae6d62
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 5380 3 KB
1 KB 255ms
144ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:48:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 5380 19 KB
8 KB 251ms
141ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5380 0
0 154ms
137ms Image
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOMmppPWC-drkdh4oGNaL7lhzsXCw3VWFjhIQ51QPCeOsz02kWHUifjkRgdcuq33RY4FT46pUoFQ9ANnp-GuWi16DVFQ
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5380 24 KB
6 KB 252ms
143ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5380 179 KB
56 KB 213ms
179ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
H/1.1 200
OK c
sal.isanook.com/sa/ Frame E81E 35 B
376 B 463ms
370ms Image
image/gif 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=815967457&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&dp=%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&ul=en-us&de=UTF-8&dt=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%E0%B9%86%20%3AEmbed%20Video&sd=24-bit&sr=1600x1200&vp=728x410&je=0&_u=SAAAAAABC~&cid=1893576059.1687751748&tid=SA-8147095-6&cd4=0&cd8=b&z=1999165066
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:50 GMT
Server: nginx
ETag: "5791d98d-23"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E81E 240 KB
83 KB 243ms
151ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5368565b98e1bf1a330da79b5effeb6cefa0d3a87e0b2c4b1386056f4d5d3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 03:55:50 GMT

GET
DATA 200
OK truncated
/ Frame 56A5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0243816ae4ef10bd54c4dba1a5519766107b237cf4603fa15d76d16bcb95dae5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame E81E 20 KB
7 KB 157ms
149ms Script
application/javascript 2.22.155.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.22.155.137 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-137.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2115708
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6412
Expires: Thu, 20 Jul 2023 15:37:38 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ Frame E81E 8 KB
3 KB 194ms
186ms Script
application/javascript 2.22.155.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.22.155.137 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-155-137.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.2
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1347177
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Tue, 11 Jul 2023 18:08:47 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5455
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1

43 B
766 B

140ms
140ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEJip0sIEGJ_h7OgBMAE&v=APEucNVnPTX7mty5n0n2j60DTgr_Mx1RWPGBFJmyf4RiuCpNmL4YavLQ4MwbP1lQ1j60t9HiNwA5FazJnoBsLB9l0iTzk5fVBA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5455
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJkMRw7ibFhG2uyiH-3BUQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1

43 B
766 B

140ms
139ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEJip0sIEGJ_h7OgBMAE&v=APEucNVnPTX7mty5n0n2j60DTgr_Mx1RWPGBFJmyf4RiuCpNmL4YavLQ4MwbP1lQ1j60t9HiNwA5FazJnoBsLB9l0iTzk5fVBA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcqOdaRYtCdx4RsXUUIB-0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 5455
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED54lYb5gla2d8xvm6t3zzo&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED54lYb5gla2d8xvm6t3zzo%26google_cver%3D1

43 B
1 KB

398ms
132ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED54lYb5gla2d8xvm6t3zzo%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6g0PkCEJip0sIEGJ_h7OgBMAE&v=APEucNVnPTX7mty5n0n2j60DTgr_Mx1RWPGBFJmyf4RiuCpNmL4YavLQ4MwbP1lQ1j60t9HiNwA5FazJnoBsLB9l0iTzk5fVBA

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:56 GMT
AN-X-Request-Uuid: fb52be44-104a-4b7c-883d-cff110cb8d93
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:55 GMT
AN-X-Request-Uuid: 4fda19ef-444c-4348-bec7-cd631bc31ce2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED54lYb5gla2d8xvm6t3zzo%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5455
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4MjYzMjMxOTA0ODU5MDAxOA%3D%3D

170 B
188 B

148ms
148ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4MjYzMjMxOTA0ODU5MDAxOA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 26 Jun 2023 03:55:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7ef46dca-bdf0-4c44-b41d-f5edaf2726ec
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4MjYzMjMxOTA0ODU5MDAxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 206 default_video.mp4
s.isanook.com/vi/0/ud/1/ext/video/ Frame 56A5 23 KB
23 KB 204ms
128ms Media
video/mp4 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/vi/0/ud/1/ext/video/default_video.mp4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21

Request headers

Referer: https://www.sanook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 23 Jun 2023 11:43:46 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 20 Aug 2015 06:26:08 GMT
server: Lego Server
age: 0
etag: "55d57300-5b54"
content-type: video/mp4
Content-Range: bytes 0-23379/23380
cache-control: s-maxage=10
x-nws-log-uuid: 13203885670687453497
Content-Length: 23380

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 446ms
147ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 26 Jun 2023 03:55:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 183983
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 143ms
142ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 197388
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
543 B 159ms
133ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 152 B
820 B 193ms
172ms XHR
application/json 54.229.146.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.146.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-146-125.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6b47a4a3528c95cf5d039727a5e530e0833151c38254c79c2313be62b3635249

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.30.53
access-control-allow-credentials: true
content-length: 152
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
647 B 207ms
191ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 118953d8a83c1ff120e5a1f85e67a43d2c2b138935a6c7533a24830d282b46e0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Wed, 26 Jul 2023 03:55:51 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 580ms
147ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 667ms
245ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET idsync
tg.socdm.com/aux/ Frame 433E 0
0

GET su
ih.adscale.de/ Frame 433E 0
0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 433E 0
0 3623ms
211ms Image
text/html 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 433E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJCBTGRE-O-6ART

0
231 B

147ms
146ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJCBTGRE-O-6ART
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73494

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LJCBTGRE-O-6ART
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 433E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3?gdpr=0&gdpr_consent=&us_privacy=
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A

0
230 B

144ms
143ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73493

Redirect headers

date: Mon, 26 Jun 2023 03:55:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-RqpMTslE2oRFMEhOlckt7hMEiauwYOXQTgAVFw--~A
content-length: 0

GET taboola
trace.mediago.io/ju/cs/ Frame 433E 0
0

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 433E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELl9k-JAUtwJvXhnPrrdrWs&google_cver=1

0
68 B

210ms
209ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELl9k-JAUtwJvXhnPrrdrWs&google_cver=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 varnish
x-served-by: cache-sof1510039-SOF
server: nginx
x-timer: S1687751752.613443,VS0,VE93
x-fastly-to-nlb-rtt: 92244
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESELl9k-JAUtwJvXhnPrrdrWs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 433E 42 B
95 B 1712ms
151ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3:$UID
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 433E
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3

170 B
243 B

154ms
150ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3
date: Mon, 26 Jun 2023 03:55:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73499

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 433E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896

0
68 B

218ms
214ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 97
date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 varnish
x-served-by: cache-sof1510039-SOF
server: nginx
x-timer: S1687751752.607480,VS0,VE97
x-fastly-to-nlb-rtt: 94629
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5e7202d9-6874-499f-945e-f77f754f1896
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 433E
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

43 B
696 B

142ms
142ms

Image
image/gif

216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:51 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:51 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 433E 49 B
863 B 7796ms
209ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: ka-GE
content-type: image/gif
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6d945594b4-g75q2
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 433E 43 B
697 B 5089ms
142ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:56 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 433E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=23147ba8-9dce-4280-9b33-0326e7f1884a

0
230 B

163ms
146ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=23147ba8-9dce-4280-9b33-0326e7f1884a
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73493

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:50 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=23147ba8-9dce-4280-9b33-0326e7f1884a
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 842531
content-length: 0
expires: Mon, 26 Jun 2023 00:00:00 GMT

GET
H2

200

/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 433E
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&gdpr=0&gdpr_consent=&us_privacy=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-8382zvmjJAqFuNN4znWypfEIoBKdaZiM67JbDOmiow&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/464/3/6/2.gif?puid=ee416499-0c47-4900-9866-75ceeafb321f&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=5e7202d9-6874-499f-945e-f77f754f1896&ttl=%%TTL%%
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/464/19/4/4.gif?puid=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&gdpr_consent=
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
https://id5-sync.com/k/285.gif?puid=LJCBTGRE-O-6ART&gdpr=0
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F485%2F2%2F6.gif%3Fpuid%3D%24%7...
https://id5-sync.com/c/464/485/2/6.gif?puid=76286581780712167101442776588903371845&gdpr=0&gdpr_consent=
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F104%2F1%2F7.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://id5-sync.com/c/464/104/1/7.gif?puid=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=
https://ssum-sec.casalemedia.com/usermatchredir?s=198601&cb=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F165%2F0%2F8.gif%3Fpuid%3D__UID__%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/464/165/0/8.gif?puid=ZJkMRw7ibFhG2uyiH-3BUQAA%265142&gdpr=0&gdpr_consent=
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8382zvmjJAqFuNN4znWypfEIoBKdaZiM67JbDOmiow

0
231 B

143ms
143ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8382zvmjJAqFuNN4znWypfEIoBKdaZiM67JbDOmiow
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73475

Redirect headers

location: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-8382zvmjJAqFuNN4znWypfEIoBKdaZiM67JbDOmiow
date: Mon, 26 Jun 2023 03:55:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 433E
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=065d7fef-6ff6-439d-a11b-307399f3e66b&ssp=taboola&gdpr=0
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

0
230 B

145ms
144ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73498

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 26 Jun 2023 03:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 433E
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=804f59f7-bc60-484a-9eed-7698cacb7469
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=804f59f7-bc60-484a-9eed-7698cacb7469&tbid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&query=taboola_hm%3D804f59f7-bc60-...

0
77 B

155ms
154ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=804f59f7-bc60-484a-9eed-7698cacb7469&tbid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&query=taboola_hm%3D804f59f7-bc60-484a-9eed-7698cacb7469&isDirect=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1687751753.936721,VS0,VE34
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-sof1510039-SOF

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=804f59f7-bc60-484a-9eed-7698cacb7469&tbid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&query=taboola_hm%3D804f59f7-bc60-484a-9eed-7698cacb7469&isDirect=0
date: Mon, 26 Jun 2023 03:55:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73498

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 433E 43 B
106 B 161ms
144ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 433E
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
356 B

162ms
162ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 26 Jun 2023 03:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 433E
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=140
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=HyGEDPYnWDFb8hkcmLqXflvvztU

0
222 B

143ms
143ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=HyGEDPYnWDFb8hkcmLqXflvvztU
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73477

Redirect headers

Location: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=HyGEDPYnWDFb8hkcmLqXflvvztU
Date: Mon, 26 Jun 2023 03:55:58 GMT
Connection: keep-alive
Content-Length: 119
Content-Type: text/html; charset=utf-8

GET
H2 200 sync
t.adx.opera.com/ Frame 433E 35 B
467 B 472ms
151ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 433E
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=08f6c4d5-d5ca-4f5a-aef9-71664733e5bb

0
231 B

147ms
146ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=08f6c4d5-d5ca-4f5a-aef9-71664733e5bb
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73494

Redirect headers

date: Mon, 26 Jun 2023 03:55:54 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=08f6c4d5-d5ca-4f5a-aef9-71664733e5bb
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 121ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:51 GMT
x-amz-request-id: Y9HM0FG4CEQVXQW5
age: 3350
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: L1qJGtGoLr2a/9G/fjQBT+Qy6sxprAItOBmFc1iVgIqFJeLifbQzKhzoFLr/3xtR/NdHYx1LTx6wha/vQZeRsQ==
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1687751751.190503,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 30
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 12367

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
395 B 125ms
121ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:51 GMT
x-amz-request-id: P6T6PP6XFNH8SVTF
age: 5286
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: Qmf1NzI8yZUZdy3o4PM32OD+iPFg9AS3wHasA/5wQAh4nA5dhO9GxDqQXRemtlNTNVLhMEvebAU=
x-served-by: cache-sof1510039-SOF
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-timer: S1687751751.190502,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 12236

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 125ms
122ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-21-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:55:51 GMT
x-amz-request-id: 7QVH5HCARX8WBYH3
age: 21810
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: XHEpN8NTCiFG8dCTiOn5f9Rdu5JwzWZMk+3GIoygxIcVkWruLwdnVCiLFbMy0/04g+EPkvpy29s=
x-served-by: cache-sof1510039-SOF
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1687751751.190721,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 45148

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/ Frame E81E 393 KB
125 KB 138ms
138ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306210101/pubads_impl.js?cb=31075547

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2b682cb846d14bb05298861383969201f50f3334cd261828d904b198b21a81c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 10:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62387
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127958
x-xss-protection: 0
server: cafe
etag: 9594374905283295825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 24 Jun 2024 10:36:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame E81E 6 KB
956 B 148ms
148ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

cdff804a874ca5ecf67d2f6c6605826044354c0f24e2e9f20f95c32fe17aa69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 931
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:51 GMT

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_9_0/infra/ 772 KB
132 KB 130ms
129ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_0/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 22a191737d58e91e6ea2b8bfbdcded9a8c184ea7b438cebb84f65e107bdab663

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1687597745
date: Mon, 26 Jun 2023 03:55:55 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: WS2AMCN5F25CZEW0
age: 153842
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687597746
x-amz-meta-mode: 33188
content-length: 134841
x-amz-id-2: 6HQuQEwLMZw5Vhuh+q4mtLbiqTpvyVdTUidAxcRptv2l7FsUz0102ek7xVmuStyLCRDzlevgjV0=
x-served-by: cache-sof1510034-SOF
last-modified: Sat, 24 Jun 2023 09:09:07 GMT
server: AmazonS3-br
x-timer: S1687751755.294248,VS0,VE0
etag: "7794504a8074c13d0b28454ee6f9a0f6"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 68879

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_9_0/assets/css/ 60 KB
8 KB 121ms
121ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_9_0/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.5/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1687597807
date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: ZT2KH8PMH66Z9C8R
age: 153842
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687597807
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: ZpBOCAMy/kHGKSY5D17JW9WvFTClcJ4uKliKgaMb9OuEgFHsTxmtHFQII9/qjj7HmkWscbDtnKM=
x-served-by: cache-sof1510039-SOF
last-modified: Sat, 24 Jun 2023 09:10:08 GMT
server: AmazonS3-br
x-timer: S1687751751.244641,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 184330

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 523ms
214ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame FC1C 0
15 B 141ms
140ms Document
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.sanook.com
Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.sanook.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:51 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK d
dc.sanook.com/sanookStat/userActBinary/ Frame E81E 0
130 B 4676ms
382ms Image
text/plain 61.91.93.45
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=815967457&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&ul=en-us&de=UTF-8&dt=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%E0%B9%86%20%3AEmbed%20Video&sd=24-bit&sr=1600x1200&vp=728x410&je=0&cd1=newsgroup&cd4=0&cd13=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&cd14=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87&cd15=1537512&cd16=user%20generated%20content%20(ugc)&cd21=40&cd22=video&cd23=embedplayer&cd33=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoroscope%20Clip&cd34=video&cd35=newsgroup&cd36=interest&_gid=1856301452.1687751747&_u=AAAAAEABC~&cid=829687064.1687751747&tid=DC-8147095-6&z=1264510167
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 61.91.93.45 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-93-45.static.asianet.co.th
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Jun 2023 15:48:15 GMT
X-Powered-By: ARR/3.0
Content-Length: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 391ms
149ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7C19 22 KB
8 KB 163ms
159ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 482564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6917 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e621342aa9356bb83683d9b9aa28d5ef8b909c1e9336225d066391fedab88b26

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame E81E 3 B
23 B 142ms
141ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=806708042&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&ul=en-us&de=UTF-8&dt=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%E0%B9%86%20%3AEmbed%20Video&sd=24-bit&sr=1600x1200&vp=728x410&je=0&_u=QACAAEABQAAAACAEK~&jid=&gjid=&cid=829687064.1687751747&tid=UA-8147095-6&_gid=1856301452.1687751747&_slc=1&gtm=45He36l0n81PNXLXRS&cd1=newsgroup&cd2=newsgroup&cd3=interest&cd4=0&cd12=1687751750490.gza8mmwr&cd13=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&cd14=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87&cd15=1537512&cd16=user%20generated%20content%20(ugc)&cd21=40&cd22=video&cd23=embedplayer&cd33=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoroscope%20Clip&cd34=video&cd35=newsgroup&cd36=interest&cd43=0&cd44=2&cm5=1&z=281251675

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA44 0
0 170ms
170ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3bGRrBSdQE-MjRpm8OSX7w-i1Ky5kJRTJ292haRliua0rAN3G4TSXrkNb-zVXkvRUPHytRhjJVJoh2If3oHq21ZbpzCqBC6caQYHlwoSfcdSwaHY3oozeWbr2Tk0Qa4hPe_wWHLgTpPaBNectrzIMTD2Nbh7uOORMB8UO9140gGnwNxoOO4bcabMpy9h4RAzXaKkMj8erxTXApPaM-WdvVo5k4WBlzI2IcPSATXdWI8FLoLS1f_nMXB3D__A24YWvEBvaRPJhRfi2C_oXBpl-CRqMLYj_j6wuex621ulTt8WVyNyni5BDCcdyB3NBs2IcnbcqNtppgctN8seMk1Y8XUQL50Bu6uuZfQ1fXJMU_2P16Qc&sai=AMfl-YR7S2tf2WMnQZKxVHk4Hj2LsUoJQCe3Is8y6yUaZ8dhcnSsmzsIPgVE1O0qQOOGWNVR0UHePBryGq43YVrjqsNTmvmBuZoiBCSJxoGglkzwB5LXeCZbFd0PAuWnIgqrpXM8k-q_tOyHgp3CitzkfK4&sig=Cg0ArKJSzGcd-zzipf9iEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:51 GMT

GET
H2 200 videojs-hlsjs-plugin.js Show response
cdn.streamroot.io/videojs-hlsjs-plugin/1/stable/ Frame E81E 236 KB
71 KB 1099ms
296ms Script
application/javascript 207.120.34.9
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.streamroot.io/videojs-hlsjs-plugin/1/stable/videojs-hlsjs-plugin.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.34.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: f022d004b222efee610e30fd68b5be41fe393cfe9212ad27612762bf08e6938e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
x-amz-version-id: Y7fWyjM.VjxPjeforXx3R_XdWuNXr1zZ
section-io-cache-id: 824669a726e7c3ffc5dd7200e6ae000e
via: 1.1 varnish (Varnish/6.6)
x-amz-request-id: 8NZMQRBA67BHR964
age: 0
content-encoding: gzip
x-amz-meta-version: 1.0.16
section-io-cache: Hit
x-amz-id-2: 6x0CRkS4Plhz/evn5ju3J66WfAkcJXOnVfOESoX3owZiYFs7gJ6vVZV3RP+Nw/mJNMHvHAczYGA=
last-modified: Thu, 03 Feb 2022 16:33:36 GMT
etag: W/"605e257f5b6ad2780ea4f907a0f1157e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
x-varnish: 330751 65548
access-control-allow-origin: *
cache-control: must-revalidate, max-age=600
section-io-id: 59645846293946052ad2a7f734fe75d0

GET
H2 200 videojs-contrib-ads.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame E81E 30 KB
9 KB 141ms
141ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-contrib-ads.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1fbcc7f3b789fe32c35941497b721bb531abec0f03d77ccdee56119af3f27bdc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-78f4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7193376842765085857
accept-ranges: bytes
content-length: 8964
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H2 200 videojs-ima.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame E81E 47 KB
10 KB 143ms
143ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-ima.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 64faf061ed09cea996b42e0975d7b0425b77b4b50967b211bd5cf375508df564

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-bb01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 773600003949082379
accept-ranges: bytes
content-length: 9880
expires: Fri, 21 Jul 2023 07:31:36 GMT

GET
H2 200 videojs-titleoverlay.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame E81E 6 KB
2 KB 144ms
143ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-titleoverlay.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9c3414876f3603f781a46bc8642c58b25d5ebd027f56367f0a1487de285c6e63

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:32:35 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-1747"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 18413670122629662853
accept-ranges: bytes
content-length: 1818
expires: Fri, 21 Jul 2023 07:32:35 GMT

GET
H2 200 videojs-vtt-thumbnails.min.js Show response
s.isanook.com/sr/0/js/videojs-v8/ Frame E81E 13 KB
3 KB 143ms
143ms Script
application/javascript 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/videojs-v8/videojs-vtt-thumbnails.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-728bf3a5f2152c8da774.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b79ae3695c2658408d8e846750080aed460c56994fe8cbfcfa0bd1b77e249604

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:33:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:48 GMT
server: Lego Server
age: 0
etag: W/"6492a41c-3219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 11855272570381207578
accept-ranges: bytes
content-length: 3295
expires: Fri, 21 Jul 2023 07:33:13 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 417ms
134ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

19420defb20241086bf847a0c6c7cf44bd985cf7a939669755fd679f5eded955

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 97017_304628493_025c14e4b95d933d7eddcf5865cba469.png
dsp-media.eskimi.com/upload/ Frame 5380 121 KB
122 KB 159ms
157ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/97017_304628493_025c14e4b95d933d7eddcf5865cba469.png
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 95988cf2d891f35c99c3424c102fddddcbb01d89fff3536b5bccb24362f3689c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:51 GMT
cdn-edgestorageid: 756
cdn-cachedat: 04/04/2023 14:00:17
cdn-pullzone: 692289
content-length: 123806
last-modified: Tue, 04 Apr 2023 11:50:51 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "642c0f1b-1e39e"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 58b2e82458d9c97f1214a22276c96cc1
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Wed, 03 Apr 2024 14:00:17 GMT

GET
H2 200 adchoice_logo_15x15_v2.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame 5380 360 B
833 B 188ms
188ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15_v2.png?_=2.1.0.9
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:51 GMT
cdn-edgestorageid: 755
cdn-cachedat: 06/16/2023 07:15:44
cdn-pullzone: 692289
content-length: 360
last-modified: Tue, 28 Feb 2023 09:21:44 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63fdc7a8-168"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 8cab977632195d9d56754279aa47476f
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Sat, 15 Jun 2024 07:15:44 GMT

GET
H2 200 utr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 5380 10 KB
5 KB 234ms
233ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/utr.min.js?vv=0&trv=0&trve=0&src=utr&bId=1687751749758.14.ed98ef07-605f-43f4-96b8-f81b5ee6dbc4&baId=ead-b79ec198bb41c0cec8271dc454a990f5&mr=0

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 25 Jun 2024 03:55:51 GMT
date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1049
cdn-cachedat: 06/26/2023 03:55:51
cdn-pullzone: 692289
last-modified: Thu, 01 Dec 2022 09:59:55 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63887b1b-29ad"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 652268212abd7594e9e982b83ed80845
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 5380 6 KB
3 KB 189ms
189ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 09:17:18 GMT
date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 02/27/2023 09:17:18
cdn-pullzone: 692289
last-modified: Fri, 24 Feb 2023 12:08:35 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63f8a8c3-19cc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 42a53b924dc7007513590d1d8b3f82ee
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pd Show response
jp-u.openx.net/w/1.0/ Frame 446F 1004 B
973 B 426ms
144ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 2d8d735badb9fea9b426906d13d99ea68436a5d0637ec8866b186fa90cdc390a

Request headers

Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 539
content-type: text/html
date: Mon, 26 Jun 2023 03:55:51 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CC71 1 KB
683 B 134ms
132ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 32325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 18:57:06 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 18:57:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 655F
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEM9FJCzL_gtRm0F-kxyMypE&google_cver=1&google_push=ATf1kGOPSSIAbnOVNwOZk1eNWapHYVwhYUUqh3iFwOTgk0W363NWy-B8ncDLzYXgtBaq11V11u_U1nWW5Bq...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGOPSSIAbnOVNwOZk1eNWapHYVwhYUUqh3iFwOTgk0W363NWy-B8ncDLzYXgtBaq11V11u_U1nWW5Bqun36yVFeqHMQ2D_Kn

170 B
188 B

147ms
147ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGOPSSIAbnOVNwOZk1eNWapHYVwhYUUqh3iFwOTgk0W363NWy-B8ncDLzYXgtBaq11V11u_U1nWW5Bqun36yVFeqHMQ2D_Kn

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGOPSSIAbnOVNwOZk1eNWapHYVwhYUUqh3iFwOTgk0W363NWy-B8ncDLzYXgtBaq11V11u_U1nWW5Bqun36yVFeqHMQ2D_Kn
Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET dds
rtb.openx.net/sync/ Frame 655F 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 655F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO_Wkgcvf9U77XvtLlSMiRA&google_cver=1&google_push=ATf1kGN1gbeVK80acyK0hI3zKNsREYuM2UruoKVGE8thXbfVp1ZJy9Ah6Ntg-KRo7HPLSj_kH9n...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRHWjYtMVYtTUNSTA==&google_push=ATf1kGN1gbeVK80acyK0hI3zKNsREYuM2UruoKVGE8thXbfVp1ZJy9Ah6Ntg-KRo7HPLSj_kH9nQIHzqTsAfCbv5g_eIlYvSVATD

170 B
188 B

155ms
154ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRHWjYtMVYtTUNSTA==&google_push=ATf1kGN1gbeVK80acyK0hI3zKNsREYuM2UruoKVGE8thXbfVp1ZJy9Ah6Ntg-KRo7HPLSj_kH9nQIHzqTsAfCbv5g_eIlYvSVATD

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRHWjYtMVYtTUNSTA==&google_push=ATf1kGN1gbeVK80acyK0hI3zKNsREYuM2UruoKVGE8thXbfVp1ZJy9Ah6Ntg-KRo7HPLSj_kH9nQIHzqTsAfCbv5g_eIlYvSVATD
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 655F
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNrmJ9toIaAshxrm7EEqs-oyvS2sS_keNgZq8TaxBhp5YvGHf1AgKEMDVdzPVpQZGuKGgAJOC82hp...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNrmJ9toIaAshxrm7EEqs-oyvS2sS_keNgZq8TaxBhp5YvGHf1AgKEMDVdzPVpQZGuKGgAJOC82hpDiJwWOnR2isy75KC0N&google_hm=57439a8a-80a9-45d0-80...

170 B
188 B

148ms
148ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNrmJ9toIaAshxrm7EEqs-oyvS2sS_keNgZq8TaxBhp5YvGHf1AgKEMDVdzPVpQZGuKGgAJOC82hpDiJwWOnR2isy75KC0N&google_hm=57439a8a-80a9-45d0-800e-78cd74cabc7e

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:53 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-91
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGNrmJ9toIaAshxrm7EEqs-oyvS2sS_keNgZq8TaxBhp5YvGHf1AgKEMDVdzPVpQZGuKGgAJOC82hpDiJwWOnR2isy75KC0N&google_hm=57439a8a-80a9-45d0-800e-78cd74cabc7e
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 655F
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-x...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHNjqDo9NaqZt8YGFMh2OhI%26google_cver%3D1%26google_push%3DATf1kGNPLdJ1FRA5EDRO9L...
https://rtb2-useast.e-volution.ai/sync?adkuid=A2175767589467416057&exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UW...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIxNzU3Njc1ODk0Njc0MTYwNTc&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-...

170 B
188 B

155ms
155ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIxNzU3Njc1ODk0Njc0MTYwNTc&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-xI5HpLNkzp5XJv2zeKa6axA

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIxNzU3Njc1ODk0Njc0MTYwNTc&google_push=ATf1kGNPLdJ1FRA5EDRO9LoGMt69fWjviRsonqLzJEQKnIfz1-UWXVuJWaXrjbHT2RFWtpp-lyDUja-xI5HpLNkzp5XJv2zeKa6axA
Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET /
onetag-sys.com/match/ Frame 655F 0
0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 655F
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEJ_sa0iY2bkLo6ezmMEhbug?ext-param=ATf1kGNaV4cWBQnG6DLb4G57_y3ekQa5jRxutxDxvDCq4_HB4tRr8RE3R-1UQVSa0zPlTCRi5h4on0w8DGid5UTxvT42FQKgCIEAfg&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEJ_sa0iY2bkLo6ezmMEhbug?redir-setuniq=1&ext-param=ATf1kGNaV4cWBQnG6DLb4G57_y3ekQa5jRxutxDxvDCq4_HB4tRr8RE3R-1UQVSa0zPlTCRi5h4on0w8DGid5UTxvT42FQKgCIEAfg&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJ_sa0iY2bkLo6ezmMEhbug&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

116ms
116ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jun 2024 03:55:55 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 655F 0
59 B 149ms
140ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZ2hLIVxyE0qZig931FsEn61OEJPLwaKRW5HyGUmyJSDNawbQ-kt9juKalyzlC7f8f5SHdb7R1

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 icon.png
dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/images/ Frame 5380 7 KB
7 KB 159ms
159ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/images/icon.png
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/mystyle.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 35ab6b849009dca5d51bfcf9c85b80b2de2e00b1ae79158cd2338964540c27f8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://dsp-media.eskimi.com/upload/rich-media-templates/pixel_pages_templates/300x250/mystyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:51 GMT
cdn-edgestorageid: 1075
cdn-cachedat: 01/04/2023 07:41:26
cdn-pullzone: 692289
content-length: 6747
last-modified: Tue, 29 Nov 2022 08:01:19 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6385bc4f-1a5b"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: f317521514cc44a64a4137dc98ebfbef
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 04 Jan 2024 07:41:26 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 190ms
190ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame D001 3 KB
1 KB 144ms
143ms Script
application/javascript 43.152.29.11
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.11 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 776a28e191f05a078df0df129f85d0365d274ac128afd1342265570deac8aaf8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:58:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 3222
server: Lego Server
age: 102305
etag: W/"PSA-aj-UwdRNtHGhk"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 3046223341312287742
accept-ranges: bytes
content-length: 1062
expires: Sat, 15 Jul 2023 18:27:19 GMT

POST
H2 204 collect
analytics.google.com/g/ Frame E81E 0
54 B 167ms
167ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je36l0&_p=806708042&cid=829687064.1687751747&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&sid=1687751747&sct=1&seg=1&dr=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&dt=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%E0%B9%86%20%3AEmbed%20Video&en=page_view&ep.content_editor=newsgroup&ep.content_source=newsgroup&ep.content_category=interest&ep.user_session_id=1687751750488.k6g4af9s&ep.content_tag_primary=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&ep.content_tag_secondary=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87&ep.content_unique_id=1537512&ep.content_editorial_type=user%20generated%20content%20(ugc)&ep.content_number_of_characters=40&ep.content_channel=video&ep.content_page_format=embedplayer&ep.content_tags=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoroscope%20Clip&ep.content_type=video&ep.adblock_tracker=false&ep.article_read=1&epn.user_non_personalized_ads=2&upn.user_login=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 177ms
177ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 176ms
175ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H/1.1 200
OK /
avd.innity.com/dc/ Frame E81E 43 B
471 B 8168ms
367ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=225&cuid=67ac1c270c2e1f591648c9eeff45189b&cb=1687751751626&douid=&sess=261462602.225.1687751748749&dur=3&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&srf=&pk=&pt=%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:59 GMT
Last-Modified: Mon, 26 Jun 2023 03:55:59 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 148ms
147ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.914339010514665

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3zd03qOfQ2AEK14ZygnkJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-3zd03qOfQ2AEK14ZygnkJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 182ms
182ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.366104553617581

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-k__N9fKhE1-FPNazbVH4jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-k__N9fKhE1-FPNazbVH4jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 101076_114052452_991ca1ae2faa4074fda32a5361ec636c.png
dsp-media.eskimi.com/upload/ Frame 3D0E 71 KB
72 KB 154ms
153ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/101076_114052452_991ca1ae2faa4074fda32a5361ec636c.png
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 2f6593a45a7df5c2ee5ab66ee03a4b13cf1d7cec484bee49e5eb54946eecf063

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:51 GMT
cdn-edgestorageid: 864
cdn-cachedat: 05/17/2023 15:55:12
cdn-pullzone: 692289
content-length: 73104
last-modified: Mon, 15 May 2023 12:26:04 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "646224dc-11d90"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: f43faf6974d8c553a284cf8a68342034
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 16 May 2024 15:55:12 GMT

GET
H2 200 101076_114052452_7cf0cbc1966f83864cc770d260034e8b.png
dsp-media.eskimi.com/upload/ Frame 3D0E 85 KB
86 KB 168ms
168ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/101076_114052452_7cf0cbc1966f83864cc770d260034e8b.png
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 10d0f3790a633e0dd1625e0fd9867bc2d8f8d28fa0195f3927eda5cef45641ae

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:51 GMT
cdn-edgestorageid: 1076
cdn-cachedat: 05/17/2023 15:55:13
cdn-pullzone: 692289
content-length: 87478
last-modified: Mon, 15 May 2023 12:26:04 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "646224dc-155b6"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 80efd7cb918f91e18b94aa789256b608
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 16 May 2024 15:55:12 GMT

GET
H2 200 101076_114052452_bc4041bd6b88b188ad31f47a39adf36e.png
dsp-media.eskimi.com/upload/ Frame 3D0E 73 KB
74 KB 167ms
167ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/101076_114052452_bc4041bd6b88b188ad31f47a39adf36e.png
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: f3c4516d212a69c90360b4031245c04dcb86fa592e060fe8a27c57870de50e47

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:51 GMT
cdn-edgestorageid: 874
cdn-cachedat: 05/17/2023 15:55:12
cdn-pullzone: 692289
content-length: 74920
last-modified: Mon, 15 May 2023 12:26:04 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "646224dc-124a8"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 484e36536faa31817c599ec8d3187bb1
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Thu, 16 May 2024 15:55:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6917 0
0 170ms
170ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTy2CJ-dXTIja_ptrhL-RSO9yKuvX1KQc8jV-OfkO39q4ruHxk5mAmXCCEP3XtLn7gvglm6Wa8CCmPXyJe2vqJFqYWbnl2G7EAP5gnHdO3RWrASnjs_T9FhfHjaTUcZcLA7eZIwd0HgWO2J_9RSKcY1Owah0ueDkOXVAjOmKFcj-LzugKoGaduHBzmZq0qBBWcRl0gKMuTQGaKXT0QIFJXa6T9KzvZHCaYGqOVTP1FJ0ZcNiOnfADEcmaUNuxzKnBGrt_DjAVj8LPcv49SOLHmf63NuW2upc9BWviRXyHJ3BhFyhfTwGidMHSQlaBNWXUrEdgoyShPpmREz6isZEtS3BjUnJrMxCGwDoFGZy9XcqiHk-ViTV9bdTgF8lpIqfhlaNTSKr7UfOOawfB0OEaFibpH-RRHMBrfVYGXcvUxri-lSbzgIlsN0WBXS97ig2ktel9B0dHzPAxwidIEkYqhkdY9CVXeukp4LocrLb9MSyzDpuwQOm9DbpDv4Lr45at4wvdfEXLWXnTZxydHVzgfNOWw9AbpgrwUXMH8CCeilWECh1FUmvAUBqMrHRESNCvh1picmlEeYt5no54NFqUcYQ-U90E4r05pxvyM48MPv8QeUdT380cgYD4eXAF_skD290Aks70LPA3szdFWYlpJNuAg39q-oSTXPGSKW0Oc5YhCeArcqgmQcswHO_CMtbLHewMPmghck6rnKu1bI5gSideVfC4zYfkD50tud80qWCxq6UjKOKOXnQZxzq4D58hMN5PFrAD95seYxpxwj99pKEt0wAkEG96zsCNltjvW2nIjaFKhPGOzP5gptJylV-md-t7MDKQNKTgJVRLERU8R5bnyS0kJbSiXSJYtnecVnbA5C0dQPL3qqiv-vuyrH3ynjisCYcT9g4_b0Y944ziaEm6V471GesTZjuXjztFcJpGE-xEo89BVZDN-4uFEv8UB-BZhooGQrrxuRb1qe-Vaq6rE5rnsG3cwgASGehXa13GF1OVpq7dD7XsVS9THMNDggX-JCVugrtqJf85_psYMHLoW0EeGpLpSEogeYuMH_otxVlsolQYBxdzqlKKrb_4syKdVxL6MSLV4cUwElbXCgkZqKffSHLJLYa9QGLZadnkIRmSpM91JQyA3vJtEy_1yBG6EG-vjXENJ&sai=AMfl-YRh-bqe1bhQD2AO3k6CqSUl8K0Jmrbhq-JFKyRU3ITcJkt5oLXVye2bbCK46llDuWJGnTtXA7yWQ_oyY50pyXdjhvTipM6i4rY1GB_f766J5p29CTGRAPYxo-DdsT4twsoGxHQIC0dPCn8fQ5gm1nwcwmaKJESR2u4B_UYqU-335BJpayIjegL5bnOff-vLUmDmYtXQmyVrMk8vS4UiQKAzypZ7_Fti1QcwfsI8d6I0b0R1JYKWuxbpgERwTbbv3m0Lun_WWYD-vOpOjCLInb6VA5pZbqtfd1sC4V7MhNsDJ4b4iGAGa0rtVpqLueXcAHhht3onvtQ0QXjYWa4n-1Z9twvkA0_lsaGqyrZUELI-263Gbt4lpa-l5pAXuizhmLa3yiu_7drQ4wwbrC4rot19yFNGkC5LLArb13QJaRDOKNNj1ifY8G8PlxVRgJ2tK-i7B2e67vdMEna-phwCmr1LJjHvX3-uNAutYw&sig=Cg0ArKJSzOrh5j_WiyOQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1193&vt=11&dtpt=1192&dett=2&cstd=0&cisv=r20230620.34634&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:51 GMT

GET
DATA 200
OK truncated
/ Frame 5380 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97811d555f03c571b9da18bd06f5695b50546b862c9cb42e32f78a87efcfe363

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 56A5 0
0 175ms
169ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTXwaKU5Xd-0PiYFIqBrrhD6SF3zWgsBrkPw7MikjWZoxCSAThOaspgPLEssGI0HMQOu-FdQnZ0Zj8q_qMqXhHHY7sM4F18dFsZTfS_kfRWyaI2T7ZnNeOCGDrMSb4-5SoLpowuo_Moqnv-M5pDN51V821DSAyx0gNeU_eLmb2vddaXlsevsa4cm1PK_hfW4GelCUJ2gyb9Lgl5No74awvkVz3K5Md-0KIz3JtHe0mksXOYQDJ-vsldhMcEgiRy_Gf6ghgiWed8Vy2nDp2vslnnNxpUQcuuHrpx_nZB8i-N6xERZz-YDMShOw2v9MsJxrgJMPVQjQwUDx_H9zXlvk1h61EgLt4lSb2OslGo-wRZ-hLGCjnrMBaFf39DA&sai=AMfl-YTfNRjqcMfuFHMMtn_rL1ufNufwykADxa1CBinw5kch8Yd53x0uQXaAzNY08Dp0vtDaOKJ8V8Lc4IMf7gWIGWr4YVadZH99ezH856lcvsoNOWbYp9s3AmBX2fsVW9574ZHT4iRsOZ-TET6g6bh7wug&sig=Cg0ArKJSzG52ASkK-ZGYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:51 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
181 B 1435ms
127ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-sof1510034-SOF
date: Mon, 26 Jun 2023 03:55:53 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.sanook.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 adchoice_logo_15x15_v2.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame 3D0E 360 B
832 B 187ms
179ms Image
image/png 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15_v2.png?_=2.1.0.9
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: 04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 26 Jun 2023 03:55:51 GMT
cdn-edgestorageid: 755
cdn-cachedat: 06/16/2023 07:15:44
cdn-pullzone: 692289
content-length: 360
last-modified: Tue, 28 Feb 2023 09:21:44 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63fdc7a8-168"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: def81e1d4a59822ef9f9fac8096fe0bc
accept-ranges: bytes
cdn-requestcountrycode: GE
cdn-status: 200
expires: Sat, 15 Jun 2024 07:15:44 GMT

GET
H2 200 col
dsp-trk.eskimi.com/ Frame 3D0E 43 B
99 B 145ms
137ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/col?u=CAESELue6Xpbu4bQs6ter45llpg&exid=JgjjbQiU9AthC0eWxEwLOSI6lJzqwWvkhSzk1rHd-vZes10T6famaGYLrsbAvLRe&exidtmp=1&ct=0&cntr=ge&ipl=1542442496&op=0&conn=0&extid=2
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 utr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 3D0E 10 KB
5 KB 187ms
180ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/utr.min.js?vv=0&trv=0&trve=0&src=utr&bId=1687751749480.2.ATkaO8IGD1Fc0cicEOtj6g&baId=ead-7e03cf58f52a642afb139aa498962660&mr=0

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 25 Jun 2024 03:55:51 GMT
date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 06/26/2023 03:55:51
cdn-pullzone: 692289
last-modified: Thu, 01 Dec 2022 09:59:55 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63887b1b-29ad"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 54d52269a156b0296e19810120d7d1e7
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 3D0E 6 KB
3 KB 186ms
180ms Script
application/javascript 138.199.36.11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-36-11.bunnyinfra.net

Software

BunnyCDN-DE1-1054 /

Resource Hash

c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 09:17:18 GMT
date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 02/27/2023 09:17:18
cdn-pullzone: 692289
last-modified: Fri, 24 Feb 2023 12:08:35 GMT
server: BunnyCDN-DE1-1054
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63f8a8c3-19cc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 55a6c99998166eb07a03d5b5608bf97f
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 32E3 1 KB
678 B 137ms
133ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 32325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 18:57:06 GMT
etag: 48472445140208031
expires: Mon, 26 Jun 2023 18:57:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FA44 107 B
165 B 140ms
140ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FA44 981 KB
98 KB 201ms
201ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=349025328121802&correlator=2412693424580820&eid=31075546%2C31075029&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=178697795&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3Dcf0ad2e6d8320016%3AT%3D1687751749%3ART%3D1687751749%3AS%3DALNI_MaJaiBOdaDQyIg_jt_1XuMZRzmQfw&gpic=UID%3D00000c346cf2c846%3AT%3D1687751749%3ART%3D1687751749%3AS%3DALNI_MbWOGc5CH7c9vkHXYk_cASCwasBAA&abxe=1&dt=1687751751770&lmt=1687751751&dlt=1687751749667&idt=1534&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=v56dymqc47b7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&top=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=829687064.1687751747&ga_sid=1687751752&ga_hid=1470715832&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiM7N-ujzFIABIZCgpwdWJjaWQub3JnGLLm366PMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRj03N-ujzFIAFICCGQSFAoFb3BlbngY9Nzfro8xSABSAghkEhkKCnVpZGFwaS5jb20Y9Nzfro8xSABSAghkEsIBCghydGJob3VzZRKsAWJmMi9jNzcyTC9uaUdTajFWWHZ5ZVIyQkJEQ1gwMTQxYVpuSlU4N3JpclR2QVBNNHNIQm1BVXY0SDhTbktCdDNDYU4veUpHQmVwdGpVSUMrSW8rUkNIby9sUnFMS3IxVjBZRkw2d09uVjVpYmpwR3ZCaE53T3FpUjl6QlZrVzdVZGVFWC90RC9Ta0RsOGh2dXdCQnFPbTlkQURsZFZray9oai9FckQ2VEFlRT0Yy-_fro8xSAASGwoMaWQ1LXN5bmMuY29tGI7r366PMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c72eb77390102cafa6b53a4069fa35db713083a485b14ae1f9288287aafe4cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99961
x-xss-protection: 0
google-lineitem-id: 5849485604
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373690262
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FA44 15 KB
11 KB 428ms
159ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0e370d2c1637faf523ead54d8be7c7d6027702b43c1fbfdc219b4c46bec233c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11271
x-xss-protection: 0

GET
H2 200 container.html Show response
c4d7db2e0658565e84fde56f994de857.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDEC 6 KB
3 KB 179ms
147ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4d7db2e0658565e84fde56f994de857.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:51 GMT
expires: Tue, 25 Jun 2024 03:55:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 08DA 520 B
629 B 402ms
144ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 746ed48aaf4b25b5f584fada770e34353b3ea83d5d0216ddbee09f9806e50918

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 326
content-type: text/html
date: Mon, 26 Jun 2023 03:55:52 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
DATA 200
OK truncated
/ Frame 3D0E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a040e6489cf903c3b35d42777dfd234ea61eac1ac071202fc7dedc9df8325537

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 48E1 709 KB
226 KB 132ms
132ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 508787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 06:36:04 GMT
expires: Wed, 19 Jun 2024 06:36:04 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 56A5 44 KB
16 KB 148ms
148ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 03:55:51 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C19 37 KB
14 KB 141ms
140ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC71
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE6H8PQVHRz98zUFcTUhGYM&google_cver=1&google_push=ATf1kGNlAH6KwJi8BU6H-QkKyqOMc_OX4EmqOJTzbk7vun23jt6MvjQxyL31ZTre1WQTCJE4ctMfpZbe...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGNlAH6KwJi8BU6H-QkKyqOMc_OX4EmqOJTzbk7vun23jt6MvjQxyL31ZTre1WQTCJE4ctMfpZbe...

170 B
188 B

149ms
148ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGNlAH6KwJi8BU6H-QkKyqOMc_OX4EmqOJTzbk7vun23jt6MvjQxyL31ZTre1WQTCJE4ctMfpZbet6aQsnmwN70UnKPijJs

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGNlAH6KwJi8BU6H-QkKyqOMc_OX4EmqOJTzbk7vun23jt6MvjQxyL31ZTre1WQTCJE4ctMfpZbet6aQsnmwN70UnKPijJs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET dds
rtb.openx.net/sync/ Frame CC71 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC71
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEF_L3m67cP0wrQX6yStoeMU&google_cver=1&google_push=ATf1kGNPq4ti18JWVHGn-lEQx809haTZKJf5ljIptM-Q1ueIPrz4H-q6WTKJ0ndYbQidJuLqFiLdpgNIxG8G3v2...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HyGEDPYnWDFb8hkcmLqXflvvztU&google_push=ATf1kGNPq4ti18JWVHGn-lEQx809haTZKJf5ljIptM-Q1ueIPrz4H-q6WTKJ0ndYbQidJuLqFiLdpgNIxG8G3v...

170 B
188 B

149ms
148ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HyGEDPYnWDFb8hkcmLqXflvvztU&google_push=ATf1kGNPq4ti18JWVHGn-lEQx809haTZKJf5ljIptM-Q1ueIPrz4H-q6WTKJ0ndYbQidJuLqFiLdpgNIxG8G3v2Zr5zer52J4UA

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=HyGEDPYnWDFb8hkcmLqXflvvztU&google_push=ATf1kGNPq4ti18JWVHGn-lEQx809haTZKJf5ljIptM-Q1ueIPrz4H-q6WTKJ0ndYbQidJuLqFiLdpgNIxG8G3v2Zr5zer52J4UA
Date: Mon, 26 Jun 2023 03:55:58 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC71
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO_Wkgcvf9U77XvtLlSMiRA&google_cver=1&google_push=ATf1kGMAzV4fC4HEK-u6EXuns7oItlNsiG9w3ypnQorPZjeqN81BUgJgpqNUSX343e5rG2Mi9ir...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRIMzgtRi1JUzRQ&google_push=ATf1kGMAzV4fC4HEK-u6EXuns7oItlNsiG9w3ypnQorPZjeqN81BUgJgpqNUSX343e5rG2Mi9ircJSdTiAsAAXTN9UWoqA4ugVJa

170 B
188 B

149ms
149ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRIMzgtRi1JUzRQ&google_push=ATf1kGMAzV4fC4HEK-u6EXuns7oItlNsiG9w3ypnQorPZjeqN81BUgJgpqNUSX343e5rG2Mi9ircJSdTiAsAAXTN9UWoqA4ugVJa

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpDQlRIMzgtRi1JUzRQ&google_push=ATf1kGMAzV4fC4HEK-u6EXuns7oItlNsiG9w3ypnQorPZjeqN81BUgJgpqNUSX343e5rG2Mi9ircJSdTiAsAAXTN9UWoqA4ugVJa
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC71
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJ6eJnViK9zxW4LYmXm6mq8&google_cver=1&google_push=ATf1kGOznbIxyorig0Updku3U99QrDMeBb-cvr-BHstjiJObYjVVYnz2rbRcm5eZ2TLv-NjtlXAr6yE8s_NrI-EP...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=055ac3d2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOznbIxyorig0Updku3U99QrDMeBb-cvr-BHstjiJOb...

170 B
188 B

149ms
148ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=055ac3d2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOznbIxyorig0Updku3U99QrDMeBb-cvr-BHstjiJObYjVVYnz2rbRcm5eZ2TLv-NjtlXAr6yE8s_NrI-EPSnDeabpZMWc

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 26 Jun 2023 03:55:59 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=055ac3d2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGOznbIxyorig0Updku3U99QrDMeBb-cvr-BHstjiJObYjVVYnz2rbRcm5eZ2TLv-NjtlXAr6yE8s_NrI-EPSnDeabpZMWc
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: jXUdAEuzuHXG96xT05Ubax2-8PrKx31IVVvicuC5E_jS67HczgRUsw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC71
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDaAN89FtIrTrtD-86TkeH8&google_cver=1&google_push=ATf1kGPBKuw5RLo_SBJg4vXygVKk_2NQP0m7stpRgoFKA4U4pKMidYM_i_BMGMm8ZIbIhG8FxRDdRx...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGPBKuw5RLo_SBJg4vXygVKk_2NQP0m7stpRgoFKA4U4pKMidYM_i_BMGMm8ZIbIhG8FxRDdRxpTDdnmD1EBsI2sb_qmCdrz&google_hm=NDAwODU0Nz...

170 B
188 B

150ms
149ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGPBKuw5RLo_SBJg4vXygVKk_2NQP0m7stpRgoFKA4U4pKMidYM_i_BMGMm8ZIbIhG8FxRDdRxpTDdnmD1EBsI2sb_qmCdrz&google_hm=NDAwODU0NzYxNDEwNDc0Mjc4NA%3D%3D

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ATf1kGPBKuw5RLo_SBJg4vXygVKk_2NQP0m7stpRgoFKA4U4pKMidYM_i_BMGMm8ZIbIhG8FxRDdRxpTDdnmD1EBsI2sb_qmCdrz&google_hm=NDAwODU0NzYxNDEwNDc0Mjc4NA%3D%3D
date: Mon, 26 Jun 2023 03:55:54 GMT
content-length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame CC71 0
44 B 1134ms
370ms Image
text/plain 52.193.179.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEAMBCL7yttcMWrfd15B7O0g&google_cver=1&google_push=ATf1kGP9-KtWQPReK6DtcAcUaqZWRbUbUkg3H4cYUQ8jxXtRgtOWvhSsbWW7iSzsPgFzXI6-UCnvXfluZ7Kn53fRVhO3nrXk7n0
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.179.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-179-39.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
server: awselb/2.0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CC71 0
12 B 150ms
149ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-IvMIYmx3W05ujtaUck87MLDH7nGrHIZ2vaigN41G5bUMVJhtiXNxfanr-Zfmxh8y5hQb

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200 617.json Show response
id5-sync.com/g/v2/ 600 B
1 KB 444ms
139ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/617.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

7800676e67c9140d4d6bb2ea1258c79741a9289428a8f7cc4ed4ceb1acba5792

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=yTw0vAQn1QdDkz5

43 B
61 B

145ms
144ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=yTw0vAQn1QdDkz5
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:59 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=yTw0vAQn1QdDkz5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

142ms
140ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=c34bfbe5-d3c8-4220-bb90-84a9e8560152&gdpr=0&gdpr_consent=&us_privacy=
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7968148166034222670

43 B
61 B

150ms
150ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7968148166034222670
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:56 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 26 Jun 2023 03:55:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5e8fbaf8-9f34-4b47-b092-0dd98b8ad407
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7968148166034222670
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBYUNrN0pNaGtBQUNBLU5SbGkwdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAaCk7JMhkAACA-NRli0w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAaCk7JMhkAACA-NRli0w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4008547614104742784
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAaCk7JMhkAACA-NRli0w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4008547614104742784%26bee_sync_partners%3Dox%26bee_sync...
https://match.prod.bidr.io/cookie-sync?userid=4008547614104742784&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAAaCk7JMhkAACA-NRli0w&pid=558502&d...
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAaCk7JMhkAACA-NRli0w

43 B
61 B

140ms
140ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAaCk7JMhkAACA-NRli0w
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAaCk7JMhkAACA-NRli0w
Date: Mon, 26 Jun 2023 03:55:59 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ee416499-0c47-4900-9866-75ceeafb321f

43 B
180 B

150ms
142ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ee416499-0c47-4900-9866-75ceeafb321f
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 26 Jun 2023 03:55:52 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x25 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ee416499-0c47-4900-9866-75ceeafb321f
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 26 Jun 2023 03:55:51 GMT

GET p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame 446F 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841

43 B
106 B

150ms
145ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=

43 B
250 B

147ms
146ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 446F 170 B
188 B 161ms
150ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTNhM2Y0M2MtZjZiYy0yMGE5LWM5YjctMmE1OTJjYWM4ZjZm

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 446F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1

43 B
106 B

158ms
147ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUYgIHTW0XvfJ5hzxwm1oYDGn1GgOiu6hC9Ql_V3TkTFSKUQ07BW97zFZmX7DK3DFoe6RxhMhJ-llNKInPXdcaSHevuJYgxJamUopnFmlFCT1Ms69BphELhaCIzQYA7oky22V4-8w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 441ms
156ms XHR
text/html 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUYgIHTW0XvfJ5hzxwm1oYDGn1GgOiu6hC9Ql_V3TkTFSKUQ07BW97zFZmX7DK3DFoe6RxhMhJ-llNKInPXdcaSHevuJYgxJamUopnFmlFCT1Ms69BphELhaCIzQYA7oky22V4-8w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sNZBH9JDfCk7Lb9tU-jUjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-sNZBH9JDfCk7Lb9tU-jUjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ Frame 5380 731 B
1 KB 7686ms
210ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?&t=1687751751999
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ac2ee389d90f7f9e10788782bdb2177224a9ce346a07cf061440c697d6d219ca

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
date: Mon, 26 Jun 2023 03:55:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 5380 43 B
54 B 144ms
144ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1687751749758.14.ed98ef07-605f-43f4-96b8-f81b5ee6dbc4&trve=0&trv=0&src=utr&_=1687751752000
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 5380 43 B
54 B 144ms
143ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1687751749758.14.ed98ef07-605f-43f4-96b8-f81b5ee6dbc4&trve=1&trv=0&src=utr&_=1687751752000
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32E3
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOgDz6QeQSqqhlYuP4bzu1k&google_cver=1&google_push=ATf1kGMH-Nk7uFaL3mmX_F0gsYNksxPTQbFEDUq2WnzkBDN5i1dCzYHs1tgd9KVZX7DJ2G4cdvFxkEXwD3qxaO3IPao1...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMH-Nk7uFaL3mmX_F0gsYNksxPTQbFEDUq2WnzkBDN5i1dCzYHs1tgd9KVZX7DJ2G4cdvFxkEXwD3qxaO3IPao1IEPPzgts&google_hm=w0v75dPIQiC7kISp6FYBUg==

170 B
188 B

149ms
147ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMH-Nk7uFaL3mmX_F0gsYNksxPTQbFEDUq2WnzkBDN5i1dCzYHs1tgd9KVZX7DJ2G4cdvFxkEXwD3qxaO3IPao1IEPPzgts&google_hm=w0v75dPIQiC7kISp6FYBUg==

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMH-Nk7uFaL3mmX_F0gsYNksxPTQbFEDUq2WnzkBDN5i1dCzYHs1tgd9KVZX7DJ2G4cdvFxkEXwD3qxaO3IPao1IEPPzgts&google_hm=w0v75dPIQiC7kISp6FYBUg==
date: Mon, 26 Jun 2023 03:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32E3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE6H8PQVHRz98zUFcTUhGYM&google_cver=1&google_push=ATf1kGPPlRJbrgJ9aZCQqEUI691u5MyF_9ggIKrJDRz3OJnOO8EMV4miGkcRfF7O8R4VRnyJGjDI_1-Q...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGPPlRJbrgJ9aZCQqEUI691u5MyF_9ggIKrJDRz3OJnOO8EMV4miGkcRfF7O8R4VRnyJGjDI_1-Q...

170 B
188 B

150ms
149ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGPPlRJbrgJ9aZCQqEUI691u5MyF_9ggIKrJDRz3OJnOO8EMV4miGkcRfF7O8R4VRnyJGjDI_1-QluUkVKBzfjcvSpMEkW91

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTc2MDU1MzU4MTI3NDQ5ODQx&google_push=ATf1kGPPlRJbrgJ9aZCQqEUI691u5MyF_9ggIKrJDRz3OJnOO8EMV4miGkcRfF7O8R4VRnyJGjDI_1-QluUkVKBzfjcvSpMEkW91
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32E3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIjVwys9dnRFRpUNjY0Ynd8&google_cver=1&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6rMMa1eKlykuFVVpSckUpkrof8N7PBrDM7ttCCvvQ8TtU
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6rMMa1eKlykuFVVpSckUpkrof8N7PBrDM7ttCCvvQ8TtU...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU1ODExNTI1ODMyNzQxNjEzODYyNQ%3D%3D&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6r...

170 B
188 B

148ms
148ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU1ODExNTI1ODMyNzQxNjEzODYyNQ%3D%3D&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6rMMa1eKlykuFVVpSckUpkrof8N7PBrDM7ttCCvvQ8TtU

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU1ODExNTI1ODMyNzQxNjEzODYyNQ%3D%3D&google_push=ATf1kGPJYdWIivEu2zgYXcGVkp8t0Oxpg7tgaV6P7n1JcBLhIpAHzV6rMMa1eKlykuFVVpSckUpkrof8N7PBrDM7ttCCvvQ8TtU
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 32E3 0
43 B 1030ms
371ms Image
text/plain 52.193.179.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEAMBCL7yttcMWrfd15B7O0g&google_cver=1&google_push=ATf1kGNXx5KxWnKDQpeHxM7c0lkZ0LQbgo21So1gb8wLSJcCX0Dn8E_sXIzHk1wpqwzh9iOb0dvMJ5PHo2QG_KMoNZMLr9yaiuGT
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.179.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-179-39.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32E3
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJs...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEHNjqDo9NaqZt8YGFMh2OhI%26google_cver%3D1%26google_push%3DATf1kGMYwSbhvpNyp16BnI...
https://rtb2-useast.e-volution.ai/sync?adkuid=A7818322809194813312&exchange=193&google_gid=CAESEHNjqDo9NaqZt8YGFMh2OhI&google_cver=1&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4MTgzMjI4MDkxOTQ4MTMzMTI&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJ...

170 B
188 B

159ms
159ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4MTgzMjI4MDkxOTQ4MTMzMTI&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJsEuzS1yV7wnCXJpkMfNfE2w

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc4MTgzMjI4MDkxOTQ4MTMzMTI&google_push=ATf1kGMYwSbhvpNyp16BnIlcI7Unsld7r2pvm9PglAzcVVFdnYze_nWxZov6oQ1WYzAAjm40FvJTWzJsEuzS1yV7wnCXJpkMfNfE2w
Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET /
onetag-sys.com/match/ Frame 32E3 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 32E3
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGMY8ghtrFuTYK4JHarIw-0&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OTYwNDljMWItNDQwYS00NzNlLWExOTYtNTgzNTA2NjcxYWNk&google_push=ATf1kGOIfrOZxv-Kfizvn0vVqvjdMnh8KKVzVqRvtcZ8_rlp33y6QgqEff11lemESdSQI...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

155ms
155ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 26 Jun 2023 03:55:55 GMT
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 32E3 0
12 B 147ms
146ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT5zDQYWuFuDBLl_-pRnwm27Fl214yJ8GK_nZSrp7AvIwbxjLxy9jkB4QQuAzEeogDMUl8bdWK

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ Frame 3D0E 731 B
1 KB 7630ms
211ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?&t=1687751752057
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e1a424430a8dd1870e12a8fe3e87f034698edbd55d3d78b6080a389ee1e61ba4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
date: Mon, 26 Jun 2023 03:55:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 3D0E 43 B
54 B 149ms
148ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1687751749480.2.ATkaO8IGD1Fc0cicEOtj6g&trve=0&trv=0&src=utr&_=1687751752057
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 3D0E 43 B
54 B 149ms
148ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1687751749480.2.ATkaO8IGD1Fc0cicEOtj6g&trve=1&trv=0&src=utr&_=1687751752058
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E05 0
0 171ms
171ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupkOgwzPGq8vyilo_obFugo3_6RPAQP_X3izGBbnVnrbWECvDjCpPCfj5S1fzdLiNrPRoSGxYGBULcFtoh-bP6Sn9fw4SSZuZbA172kX1rPdaUIwmLF9CUYYiwbS6MEmrKSvkFXlD9S6R57BjGUAJwAoln3oKEJKIVmD0Vd43u1LNAsy-0YQagndAPIr6QluDDqiBJV596SluGrFEZwXvVS6hxXz384FOGxjWJFC1XfxtaPr2D-z0WMjuF7dYVZoIeX2ZkHZBzpa4F8CaNeLb_l7843unFTEAzjNLAJfwDVuBQv-F0eZ3JmeywuNbXW3jCo_HqXj1PQaTyEA&sai=AMfl-YRzC14XSTltTqJkrLiwxQGkWYS8hHr2pgNst2OxXDnJYlmSUSqcx12-XrjyycZB5rm26CcjYN9jdtqESlwedVJOT-jzo97nKH-DEhZ99CmZabVZ3xOLR8nKAFGrsnM&sig=Cg0ArKJSzLD7um69evBlEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 4E05 85 KB
30 KB 426ms
140ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 07:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 07:58:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E05 179 KB
56 KB 151ms
150ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Jun 2023 03:55:52 GMT

GET p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame 08DA 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 08DA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841

43 B
106 B

144ms
143ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=976055358127449841
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 08DA
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=

43 B
250 B

153ms
153ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e7202d9-6874-499f-945e-f77f754f1896&ttd_puid=8fcc27f6-3fcb-7e0d-dc57-70e0e64e410f&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 08DA 170 B
188 B 154ms
153ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTNhM2Y0M2MtZjZiYy0yMGE5LWM5YjctMmE1OTJjYWM4ZjZm

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 08DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1

43 B
106 B

144ms
142ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBkdEKetsQEY9V3V1hoTc9o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FA44 17 KB
6 KB 159ms
158ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 03:55:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F5FB 13 KB
5 KB 140ms
139ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 131889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 15:17:43 GMT
expires: Sun, 23 Jun 2024 15:17:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9814 783 B
536 B 142ms
141ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

GSE /

Resource Hash

08c2f10b804d480e20f6dd68368affea57114a6bb96a05debcf456d9c06e3672

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FQ6oF_7XvCy8UIZc6IHp9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-FQ6oF_7XvCy8UIZc6IHp9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 03:55:52 GMT
expires: Mon, 26 Jun 2023 03:55:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 30DF 0
260 B 1705ms
144ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C19 0
20 B 177ms
177ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDDXIRQyZZOyEF_ym9u8P0b2WwA0AAAAAOAHgBAI&bg=!1tWl1YHNAAYQ3eRoMN07ADkAdvg8WtpDSJDa4rIQDKIAmq_Xge9F7UoOEN6nT0ZfRzolg3YWZCuilUh7OpFjPnvLMxu-TZxFfHYCAAABNFIAAAACaAEHCgB5STRWwG1CmsLBMp79et5l2uKwfk3Fdid66HeqZLVsGqCC1nEI8tiJ_kXqUv3TvZ3MJsrEK5j7fUpA5jwRKNaI1Cs7jxC5jiGb_G0Y5VMZvEPkJDYx_PvZOx9FMqBWILn4LGn7FTKPYwv4lm2HA-fTq9comtL1tJbQoZkC5jsOxQtVOd-z-_uxfeWngZ-XbRQlZJPzhHY_pMICHu8J9Fuh6G8rOVqkkvqtV5Cjsnef3vnI5J1dY4Zn8jqcQzNUIrqXzjB3ODfT1tOxemhNLsCaI5R8-M9RNFoH5mjPPvTLk6R10Jtv5C1p9-bj2IeojbniyAGHYtihmRq6OovqntlSNNh4KnWugDXJIz9ea50H4QSoZSE12Ag-dPUTeCTFbkxDkV5fg82YtzUKuJuqih_1tH-molBAD1DKP0Q-S8dOkuawchGVtQFUzA9cUmq2a8N6lVJHNwqRDTYZCrAEvvGV7SUCAI3BIjqeNOUOSr9NcWTtuzkRhkikg4aMu7BoMrx5oCBm-EyGbcarEcbDw12t3ByiAnpu8CLEccMx1cHXRXJ4L6tw0UKT3ay2x2wGu_cmyq9ok0WST0Kkfc3qgOyv9lS1RfODn6R8k2Y9v8dqZot0A41zZ5x0AipScx2tJm72yHr6o8NEIqNlRlMQiQ8aGfG4OU53FJaqe5Dlwd3JuUnjcsBBbaujl-EZHpIAS6ZksCScSd9sqVekNfNLBIuA9wjtI-KbpuqyQj8CCPiAoPxevshKQObTm4AcYlymg9z7515FsuwV3FAsgBRiVYx74j6UnIe2HxoouOwuXuYcHnc09PPiMm3u1zE3cyDBXggUPa6C61gl1eDl7O8Edh2ZPsecOFcCJ7XBfWc3vli5qRklrXBpi9Y1YBTnwDQF0bRSTl2834Z2tbnjIBcP6ZlAGk7lEyPoliBZmf_bMv9lJLJKizfa3HSz4jhrEP0VE7PeXLRv5YPb1CxZ7yMEOzr1woVzR14P1zhvaNXCvLhJhrLqW8LigvZohZfFS2bLaPQCVBnZIkwzl20WQWVhvtzAYuAAM7I26E-P9ou7tc3QNpnKH85fH-gPI5L4qBepI3pFZxmyU3DDnzwfq50lxb0l2xuGBU6BFl0rB_SB7mZuHNQmG6zjm0hd4U_MXkPdgCUlVTQ

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9814 0
0 168ms
167ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306200101&jk=349025328121802&rc=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame F5FB 37 KB
14 KB 133ms
133ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E05 0
0 171ms
170ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBlmNITFuGbY2LTl8lXH-FVGvq_XWiiHunpK7w4W-gLreJCnFjo_Ba0cLLpsIDNJqbye8ruf6k39vciaH2kk2t9wT2yAoj4BU3_3zgBQwb8CVTu9rp6WV0YRyz4WQ39tqbbOCQdI2fQvzQOwrmshbeTSeHyIJ17ZR571tXHT56PjcTqs_b4X4oWwmbvRtT26AA1v4RTrwTXFR3qH55juF_zzl-sWRaBF0UCyrOIiBEe1fxXX4sAJKDbSlIQF0ipkumTC3z5Smc1u5WE090W4uThZvI-BnMJoIVmDpDnDQ5omwLBiIDC8nzeCmkb_QDFwauVcnQtqDs6CtUcQXz&sai=AMfl-YT5hPrOaQBIJAFU739COufvrFTn04VjWELf3IRv4mHDQKufiBG77vTOBCQjdbrv-erdJnAAEEHokZQl_PjdpJLWZ95Qx3fOYEw0u06DMXS8FKHyudNuJRgWuz2NTCI&sig=Cg0ArKJSzFRggtyiB6geEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:52 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FE74 3 KB
3 KB 148ms
148ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49905350&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 234cfa760f6ad57ccc57185ac6f5e3d5d88a4a9a4d65730a950a49aa426681e7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 03:55:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AFF2 3 KB
3 KB 147ms
147ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49387012&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 234cfa760f6ad57ccc57185ac6f5e3d5d88a4a9a4d65730a950a49aa426681e7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 03:55:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A8CE 3 KB
3 KB 150ms
148ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38511821&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 234cfa760f6ad57ccc57185ac6f5e3d5d88a4a9a4d65730a950a49aa426681e7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 03:55:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 attachad.-layer-ad.-advert.jpg Show response
fundingchoicesmessages.google.com/f/AGSKWxVUsw9d26CTJ7QJLnSpQL0TKTrhZ7Sihsv5L3vVuaEfBxFokA2eo9qqUhbLhIgOlblgoywUQ-WdXW-pUfp7HD-1U495y3bwPee5_Qx07FrRQsGMjj3Wb6lQ2eAsWIWfxEUP5rzjoR10E7bo3tNwqV3HITAqX... 54 B
108 B 151ms
150ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVUsw9d26CTJ7QJLnSpQL0TKTrhZ7Sihsv5L3vVuaEfBxFokA2eo9qqUhbLhIgOlblgoywUQ-WdXW-pUfp7HD-1U495y3bwPee5_Qx07FrRQsGMjj3Wb6lQ2eAsWIWfxEUP5rzjoR10E7bo3tNwqV3HITAqX9SL_mkd1hvJEHEUb0syf-U2r2EuyV7f/_/adrich./attachad.-layer-ad.-advert.jpg?/ad/special.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.V9rz8nd7fF4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzk3z5fCle2HxR77n6U55O4T5vsmg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

c6129518426ffba9c83bbfc160f87789e1176a1c5a47da3871d2e8c915e91d09

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X7bZbXidUUVViwBvzjweig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-X7bZbXidUUVViwBvzjweig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 135ms
135ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.V9rz8nd7fF4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzk3z5fCle2HxR77n6U55O4T5vsmg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jul 2023 08:56:11 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUYgIHTW0XvfJ5hzxwm1oYDGn1GgOiu6hC9Ql_V3TkTFSKUQ07BW97zFZmX7DK3DFoe6RxhMhJ-llNKInPXdcaSHevuJYgxJamUopnFmlFCT1Ms69BphELhaCIzQYA7oky22V4-8w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k20tpdzpEVBhKCKcZlQ-DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-k20tpdzpEVBhKCKcZlQ-DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 56A5 42 B
64 B 168ms
168ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuM0rVntXwvVPMkg6wNHyYzAyH6gnHaDraUd-wBfXdjP_w1sBhT7ju_r2Iqdu6lxOriVcWEZc4JqMANSAjax1w473ShXjRinpyBapQS3z3CWpZnsLN8&sig=Cg0ArKJSzBuT1PNNfTq8EAE&id=lidar2&mcvt=1018&p=1078,1200,1303,1600&mtos=0,0,1018,1018,1018&tos=0,0,1018,0,0&v=20230621&bin=7&avms=nio&bs=1600,1200&mc=0.54&vu=1&app=0&itpl=19&adk=2732521762&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687751749802&rpt=1898&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 9443 35 B
590 B 148ms
148ms Document
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 26 Jun 2023 03:55:52 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 9A14
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
229 B

240ms
240ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUqx6qsgBa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 26 Jun 2023 03:55:53 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510035-SOF
x-timer: S1687751754.674550,VS0,VE116

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 26 Jun 2023 03:55:53 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUqx6qsgBa
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510035-SOF
x-timer: S1687751753.439124,VS0,VE116

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame DF36 0
221 B 7839ms
216ms Document
text/plain 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Mon, 26 Jun 2023 03:56:00 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-7

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7DC1
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=e5fufkphy0lk

42 B
232 B

181ms
179ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=e5fufkphy0lk
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Mon, 26 Jun 2023 03:55:53 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=e5fufkphy0lk
lws: 42
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame F0B5 43 B
370 B 1559ms
139ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 26 Jun 2023 03:55:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1900
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
75 B

148ms
147ms

Document
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 26 Jun 2023 03:56:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 0266 43 B
282 B 1074ms
137ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Jun 2023 03:55:53 GMT
Vary: Accept-Encoding
X-adserver-worker: leviathan-53910cd4bb2c@version_1.556v2
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5DA4
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

42 B
365 B

149ms
148ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:56:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 03:56:01 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame EF56
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
442 B

313ms
297ms

Document
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7dd2846dfaad2dc5-TBS
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7dd2846bf99f2dc5-TBS
content-type: text/html
date: Mon, 26 Jun 2023 03:55:53 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1380

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 9484
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

42 B
283 B

146ms
145ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

GET
H2

200

/ Show response
sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 3AAD
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687751756189
https://ad.turn.com/r/cs?pid=45&rndcb=3348667192
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

0
231 B

146ms
145ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
date: Mon, 26 Jun 2023 03:55:57 GMT
server: nginx
x-fastly-to-nlb-rtt: 73488

Redirect headers

content-type: text/html
date: Mon, 26 Jun 2023 03:55:57 GMT
etag: RX47b4185aff3c42928bff911bcd673d4e003
location: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame A831 0
0 4481ms
139ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 26 Jun 2023 03:55:57 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CBD7
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD423BBAA38141F985F3DA759A9DEA53&gdpr=0&gdpr_consent=

1 B
54 B

148ms
147ms

Document
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD423BBAA38141F985F3DA759A9DEA53&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Mon, 26 Jun 2023 03:55:58 GMT
expires: Sun, 25 Jun 2023 03:55:58 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD423BBAA38141F985F3DA759A9DEA53&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 mw
mwzeom.zeotap.com/ Frame FE74 95 B
440 B 462ms
147ms Image
image/png 172.67.13.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7dd28469ef522dc7-TBS
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame FE74
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

2105ms
156ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:03 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:01 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame FE74
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a3b60065c433c383/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver
https://spl.zeotap.com/?zdid=1332&zcluid=138885ac5e081557
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a8ac3d4d-87d7-4f06-4c69-6ba801c2667f&reqId=3ae5d74a-7cb8-4cc5-6494-36e858e887be&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHR6g7qzvUwnsHEwH_j1vW4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a8ac3d4d-87d7-4f06-4c69-6ba801c2667f&reqId=3ae5d74a-7cb8-4cc5-6494-36e...

95 B
154 B

144ms
144ms

Image
image/png

172.67.13.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEHR6g7qzvUwnsHEwH_j1vW4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a8ac3d4d-87d7-4f06-4c69-6ba801c2667f&reqId=3ae5d74a-7cb8-4cc5-6494-36e858e887be&zcluid=138885ac5e081557&zdid=1332

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Server

172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7dd2847c6e1b2dc7-TBS
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHR6g7qzvUwnsHEwH_j1vW4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a8ac3d4d-87d7-4f06-4c69-6ba801c2667f&reqId=3ae5d74a-7cb8-4cc5-6494-36e858e887be&zcluid=138885ac5e081557&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FE74
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=

42 B
98 B

149ms
148ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:54 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FE74
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:33646a60-a0e0-48bc-acf9-e332e5974af6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
96 B

147ms
147ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:33646a60-a0e0-48bc-acf9-e332e5974af6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:33646a60-a0e0-48bc-acf9-e332e5974af6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FE74
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=731412336073080856

42 B
96 B

147ms
146ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=731412336073080856
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 26 Jun 2023 03:55:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ae6452a8-603f-4efa-94e9-3d8760befc79
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=731412336073080856
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F5FB 0
10 B 138ms
138ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1J4gcw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame AFF2 95 B
234 B 349ms
150ms Image
image/png 172.67.13.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7dd28469ef542dc7-TBS
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame AFF2
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

464ms
159ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:03 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:01 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

52799
stags.bluekai.com/site/ Frame AFF2
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0e548bed4a7d0c1f/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=74ab22c3875bcc54

62 B
430 B

580ms
283ms

Image
image/gif

2.18.160.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=74ab22c3875bcc54
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 2.18.160.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-160-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 26 Jun 2023 03:55:56 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=74ab22c3875bcc54
content-length: 0

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 79A8 35 B
600 B 149ms
149ms Document
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 26 Jun 2023 03:55:53 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AFF2
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=

42 B
98 B

151ms
150ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:54 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 9244
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
237 B

240ms
239ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUhZt7UgAn
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 26 Jun 2023 03:55:53 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510035-SOF
x-timer: S1687751754.673019,VS0,VE115

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 26 Jun 2023 03:55:53 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUhZt7UgAn
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510035-SOF
x-timer: S1687751753.439333,VS0,VE112

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame C64E 0
220 B 7700ms
216ms Document
text/plain 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Mon, 26 Jun 2023 03:56:00 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-7

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFF2
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4d0ab125-1d2f-495a-834a-264dbef3e17e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
96 B

146ms
146ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4d0ab125-1d2f-495a-834a-264dbef3e17e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:4d0ab125-1d2f-495a-834a-264dbef3e17e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2998
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FF86
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kpaeefqc7wtk

42 B
311 B

146ms
145ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kpaeefqc7wtk
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Mon, 26 Jun 2023 03:55:54 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=kpaeefqc7wtk
lws: 35
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame CDEB 43 B
205 B 1417ms
142ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 26 Jun 2023 03:55:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6A37
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
75 B

148ms
148ms

Document
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 26 Jun 2023 03:56:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET cookiesync
core.iprom.net/ Frame 6B68 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6A78
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

42 B
390 B

149ms
149ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 03:56:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A858
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
401 B

331ms
316ms

Document
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7dd2846e0aae2dc5-TBS
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7dd2846bf9a02dc5-TBS
content-type: text/html
date: Mon, 26 Jun 2023 03:55:53 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1337

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6442
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

42 B
98 B

146ms
146ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

GET
H2

200

/ Show response
sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 6100
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687751756189
https://ad.turn.com/r/cs?pid=45&rndcb=8944876365
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

0
231 B

146ms
146ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
date: Mon, 26 Jun 2023 03:55:57 GMT
server: nginx
x-fastly-to-nlb-rtt: 73488

Redirect headers

content-type: text/html
date: Mon, 26 Jun 2023 03:55:57 GMT
etag: RX47b4185aff3c42928bff911bcd673d4e003
location: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 0AF3 0
0 4465ms
139ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 26 Jun 2023 03:55:57 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFF2
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=762049451042691692

42 B
96 B

146ms
146ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=762049451042691692
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 26 Jun 2023 03:55:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9363df81-a614-4020-b23f-7f8124fd0263
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=762049451042691692
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8E66
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5E559732D1B34DA098A357D5B454401E&gdpr=0&gdpr_consent=

1 B
54 B

146ms
146ms

Document
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5E559732D1B34DA098A357D5B454401E&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Mon, 26 Jun 2023 03:55:58 GMT
expires: Sun, 25 Jun 2023 03:55:58 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5E559732D1B34DA098A357D5B454401E&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5380 42 B
64 B 168ms
168ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss09sTB-uGUKEaETqG9nc18XUFxT0gMaVIlTEqLCsD4f4KLNc5tpaPJvb9G7Cet6YrPHZeO5b1YQ3Hp2vUsgB6Ltd2m&sig=Cg0ArKJSzH3UXtw4rpFhEAE&id=lidar2&mcvt=1086&p=649,1065,899,1365&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1198679254&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687751750158&rpt=1788&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 697E 0
0 170ms
170ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthlPakZEcNTROk8h0eZ50pei2iJaHQRrAbsTiD5aC-K-T4-R5hS65Ek7QDzB4vOLobB9nn3VMRlnHNt3YPCpi3frJkfeuXBNhTOevehY-WuZLxTthklThHPOaRYpmGu70dJYHGBkhSuIavOwFeve3TP7JfDrA0EsQoOtxLRqoyWHg7vva8h3U_vXJUoZtPsfn9RlnWtc2e0bU4Qhjlo53WJeOLMKvIF2pVoZkh1ylIQ98jHg_JxrNxvaQ2S-0Q1u08YNpP_-ZHURssI1mESrNrZVAo4dFtX6alJk1afpsKA8t2fNIyuext1e6XtG2ilaKc6NcDINbFedSZVR8C8bI7hjTrbi9BqdzS6qTbXQaW2i0-V62k&sai=AMfl-YRsdEZwj8rbJiE-1DWDbi7uy5j2hro1DUogVnXY66fMB3zdc-KdmbA7MeuYqM9XfICeutOruiPRrLG1YHRh7j3aBjBCoPNqoZ6vk7jDlobX6pY7iVaM0lfvCmS-gGiW4vJx0zbGqLh_oXNRvATBqT0&sig=Cg0ArKJSzKvweoIMAtZKEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:53 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame A8CE 95 B
234 B 313ms
167ms Image
image/png 172.67.13.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7dd28469ef532dc7-TBS
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame A8CE
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

319ms
156ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:03 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:03 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=B7B76140-5686-45C7-BDB2-CE3A35903DE0&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame A8CE
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=138885ac5e081557/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver

35 B
248 B

249ms
142ms

Image
image/gif

141.94.171.214
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Server: 141.94.171.214 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-8.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.onaudience.com/?partner=147&mapped=5e7202d9-6874-499f-945e-f77f754f1896&icm&gdpr=0&gdpr_consent=&cver
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 261

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame C2E5 35 B
591 B 148ms
148ms Document
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 26 Jun 2023 03:55:53 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A8CE
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=

42 B
344 B

148ms
147ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:54 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 7AF4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
229 B

238ms
238ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUrCqqsQBa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 26 Jun 2023 03:55:53 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510035-SOF
x-timer: S1687751754.678354,VS0,VE115

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 26 Jun 2023 03:55:53 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZJkMSQAUrCqqsQBa
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510035-SOF
x-timer: S1687751753.439324,VS0,VE120

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame D62E 0
220 B 7650ms
217ms Document
text/plain 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Mon, 26 Jun 2023 03:56:00 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-7

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A8CE
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a4def9fa-76ee-464c-9d3b-a544bf32ab96&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
96 B

146ms
146ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a4def9fa-76ee-464c-9d3b-a544bf32ab96&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a4def9fa-76ee-464c-9d3b-a544bf32ab96&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2997
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2047
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a6tml745w70l

42 B
231 B

152ms
152ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a6tml745w70l
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Mon, 26 Jun 2023 03:55:54 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a6tml745w70l
lws: 20
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 36A8 43 B
205 B 1368ms
141ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 26 Jun 2023 03:55:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5E1B
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
75 B

147ms
147ms

Document
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 26 Jun 2023 03:56:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET cookiesync
core.iprom.net/ Frame 9846 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 293F
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=

42 B
489 B

149ms
148ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:56:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 03:56:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B7B76140-5686-45C7-BDB2-CE3A35903DE0&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 15AC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
395 B

322ms
306ms

Document
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7dd2846dfaac2dc5-TBS
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:54 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7dd2846bf9a12dc5-TBS
content-type: text/html
date: Mon, 26 Jun 2023 03:55:53 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 73

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 0B94
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=eb6079d1e598c4acd9508a7f7c38cd63&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

42 B
203 B

154ms
144ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbYSSSVgjVnaSbVVT&gdpr=0&gdpr_consent=

GET
H2

200

/ Show response
sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 04B8
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1687751756189
https://ad.turn.com/r/cs?pid=45&rndcb=3315769291
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

0
231 B

146ms
145ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
date: Mon, 26 Jun 2023 03:55:57 GMT
server: nginx
x-fastly-to-nlb-rtt: 73488

Redirect headers

content-type: text/html
date: Mon, 26 Jun 2023 03:55:57 GMT
etag: RX47b4185aff3c42928bff911bcd673d4e003
location: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 1982 0
0 4568ms
139ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 26 Jun 2023 03:55:57 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A8CE
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8118729449218215871

42 B
96 B

148ms
147ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8118729449218215871
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Jun 2023 03:55:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 26 Jun 2023 03:55:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.213; 91.239.206.213; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2eb54850-cf7a-42fe-88d8-8d3d55f0b29c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8118729449218215871
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D598
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3C7ADA27E19747F19F42274F7BBBD430&gdpr=0&gdpr_consent=

1 B
54 B

147ms
147ms

Document
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3C7ADA27E19747F19F42274F7BBBD430&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 26 Jun 2023 03:55:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Mon, 26 Jun 2023 03:55:58 GMT
expires: Sun, 25 Jun 2023 03:55:58 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3C7ADA27E19747F19F42274F7BBBD430&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D0E 42 B
64 B 171ms
171ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXoFsPfI0SXo92Xjr1yTiZxDPl2vkCFAF9GagwBPoZmI1npgUdJYT-O202wbX7Vf3qFwkI2LtAyFMfezzMHes7dbee&sig=Cg0ArKJSzHLwRGDEBPXOEAE&id=lidar2&mcvt=1131&p=0,436,90,1164&mtos=1131,1131,1131,1131,1131&tos=1131,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2779983359&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687751749894&rpt=2114&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 5380 43 B
54 B 150ms
149ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1687751749758.14.ed98ef07-605f-43f4-96b8-f81b5ee6dbc4&trve=1&trv=1&src=utr&_=1687751753156
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUYgIHTW0XvfJ5hzxwm1oYDGn1GgOiu6hC9Ql_V3TkTFSKUQ07BW97zFZmX7DK3DFoe6RxhMhJ-llNKInPXdcaSHevuJYgxJamUopnFmlFCT1Ms69BphELhaCIzQYA7oky22V4-8w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PZR9mwGmY6LhOeohMSJ2pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-PZR9mwGmY6LhOeohMSJ2pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUYgIHTW0XvfJ5hzxwm1oYDGn1GgOiu6hC9Ql_V3TkTFSKUQ07BW97zFZmX7DK3DFoe6RxhMhJ-llNKInPXdcaSHevuJYgxJamUopnFmlFCT1Ms69BphELhaCIzQYA7oky22V4-8w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-H7EZtoZNpI06ru5hgwjfpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-H7EZtoZNpI06ru5hgwjfpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUYgIHTW0XvfJ5hzxwm1oYDGn1GgOiu6hC9Ql_V3TkTFSKUQ07BW97zFZmX7DK3DFoe6RxhMhJ-llNKInPXdcaSHevuJYgxJamUopnFmlFCT1Ms69BphELhaCIzQYA7oky22V4-8w==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0Q9vbZJ9WYbS7vllMBmxNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-0Q9vbZJ9WYbS7vllMBmxNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVC0rEV355vPTAV2NN3Vt3Hm17zgoMtJoxFtojjVrOo_R4jbko5YNPmSWFrePRlDRFt4V2sOQSoSqq4YiRn5V2bY8tzcsr0qLSBf_NXjha_v4bP8Lja2ywZ7i-KEOaI6jwoAA-jvQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 162ms
161ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVC0rEV355vPTAV2NN3Vt3Hm17zgoMtJoxFtojjVrOo_R4jbko5YNPmSWFrePRlDRFt4V2sOQSoSqq4YiRn5V2bY8tzcsr0qLSBf_NXjha_v4bP8Lja2ywZ7i-KEOaI6jwoAA-jvQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3NzUxNzUzLDE3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vd29tZW4vMjIwOTQxLyIsbnVsbCxbWzgsIlY5cno4bmQ3ZkY0Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

48c123f247a9c82b1011bef6f71b9bed6f6be7d41b44a0d60aac5a416583bbba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tuXExedWe01btz7YGhzGpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tuXExedWe01btz7YGhzGpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A12E 0
0 175ms
170ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4KRE1Koxn1guZDGQWF3Z8Q5zYp1Uv3kmh-ivXARCPWCiVFKN2nTvCz3j01tOgEpg1SZksXcIbHCNUsxqPeUXMy7mw2MUNwWkKX5Jo3eLZ2V25PextVQPRt5wRgEPSOewNKo_G4XMS3jtQE7eCFvr60gLyFOiwJPDPtiS0ZMV8B__oA-SOXNCa8vOsrgp9pK2BxJ9Kv_ZDhHja3ewcfjlow4aC07lauTXDMk3cf3__uyli-Z8zLZCLsyRJaE2MHhiIAvVDvom7hguh2wfk7_tgCNTGRG_BWRHY9H-Rz0myEWp0U--3syagfd5JbRUrpdtRXEoPTAGPp5gcGla0hcBf6WwM39tD-WCGwNJiudmg&sai=AMfl-YTa7IDlZH4mqm935gHCeomtUOn9bfkCHUiiPcD526hzYyXMoQ2OudqkI3NxxBOiAvhiFvbUkdWRD_E4qe9Hrxo9huYxOnzBaeA_7xjED_w3ekHlHIsxtOvRonAlvhb-ChBb3jhDkTTkApkYQImKBQ&sig=Cg0ArKJSzDICJf8h1qqVEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jun 2023 03:55:53 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
83 B 3180ms
220ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&mbl=ZmFsc2U=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jun 2023 03:55:56 GMT
cache-control: no-store
server: nginx

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 3D0E 43 B
54 B 147ms
146ms Image
image/gif 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?bId=1687751749480.2.ATkaO8IGD1Fc0cicEOtj6g&trve=1&trv=1&src=utr&_=1687751753227
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame E81E 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.sanook.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET activeview
pagead2.googlesyndication.com/pcs/ Frame FA44 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 4E05 0
0

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 401ms
129ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:55 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15283"
vary: Accept-Encoding
x-hw: 1687751755.dop211.ve1.t,1687751755.cds237.ve1.hn,1687751755.cds220.ve1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 check Show response
rtbdemand.apiip.net/api/ 1 KB
1 KB 1520ms
1123ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c7285cb74996a422f1c9dc95991129881a1ebc7775c5b8d6f046759aab631ae2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"555-YC7GnC2TEy1kxSlKWhbKw3mVMV4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffM%2F6dKgO8wd59VP2I9nOfQBJEMSKo2j7pHWfgCTJoo1lyW5C9KnqmEsmCvsdVZ4leuyVgvStDgJgAyjcAeRe%2BFqxGDxpj1wNeIAD4bmPrUeFKsmD4Azw3JXdFFUs5OIjfhH3A9h"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7dd2846d08ad2dc7-TBS
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 930ms
161ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:30:33 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 18:14:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1523
etag: W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 8Lrnjfnm41M3Xnv-9uy-E65GLboPISIMBn-kyqlzhJFSClIlOjVNPQ==

OPTIONS
H/1.1 204
No Content graphql
apiu.sanook.com/ Frame 0
0 1956ms
322ms Preflight 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Mon, 26 Jun 2023 03:55:55 GMT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
U-API-Cache-Status: BYPASS
Vary: Origin

GET
H2 200 icon_relate.svg
s.isanook.com/sr/0/images/video/video-js/ Frame E81E 2 KB
740 B 131ms
131ms Image
image/svg+xml 43.152.29.12
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/video/video-js/icon_relate.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.29.12 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b3f3f379d724f87e5282f75c162017587c0f0bdd6fe267518119c7bd4a72059d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:31:37 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 21 Jun 2023 07:17:44 GMT
server: Lego Server
age: 0
etag: W/"6492a418-61b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 6437296398850196688
accept-ranges: bytes
content-length: 526
expires: Fri, 21 Jul 2023 07:31:37 GMT

POST
H/1.1 200
OK graphql Show response
apiu.sanook.com/ Frame E81E 106 B
809 B 1000ms
349ms XHR
application/json 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/graphql

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx / Express

Resource Hash

751df254c2bb8213b8f7520efebb27ee572adc4f503b26b700f6183d7f78d7d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 26 Jun 2023 03:55:56 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
Server: nginx
U-API-Cache-Status: BYPASS
X-Powered-By: Express
ETag: W/"6a-BgUOFe4nGYSPuIdrAY8wSVetT2Y"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization

GET
H/1.1 200
OK f86576aa47e4b8888d2f973a4929df7a Show response
apiu.sanook.com/video-player/liveplay/ Frame E81E 455 B
1 KB 2257ms
315ms XHR
application/vnd.apple.mpegurl 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/video-player/liveplay/f86576aa47e4b8888d2f973a4929df7a

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx / Express

Resource Hash

bb8d3afd4013640fe73a5cf109b48bc820826c9a2db91c8f11bd478b36f763e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:55 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Server: nginx
U-API-Cache-Status: HIT
X-Powered-By: Express
X-Cache-Status: HIT
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Content-Disposition: attachment; filename=1537512.m3u8
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Content-Length: 455

GET
H3 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C1F7 709 KB
226 KB 136ms
135ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 508789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 06:36:04 GMT
expires: Wed, 19 Jun 2024 06:36:04 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E81E 44 KB
16 KB 152ms
151ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 03:55:53 GMT

GET
H/1.1 200
OK screenshot Show response
apiu.sanook.com/video-player/ Frame E81E 750 B
884 B 2526ms
333ms XHR
text/html 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://apiu.sanook.com/video-player/screenshot?screenshot-url=https://s.isanook.com/vi/0/ud/2/23/ss/223/4471737.jpg&duration=30

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx / Express

Resource Hash

ae20fea9afd7f058e4fd81b670b671f239049ca20626e7da66fd56c745811aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:55:55 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Content-Encoding: br
U-API-Cache-Status: HIT
X-Powered-By: Express
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
ETag: W/"2ee-e7WM0QyVpUgaILXCz2lZ5OIQ10c"
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization

POST
H3 204 AGSKWxWOWZUO8iJJJnPCmpOopSqo2PWs6UD8Mlb-hOsIxzGpWfWzbeaowsguyH9NcFjaje9Dy4y891tms4d4jqHqa4dK5OqERmZlIzIvxm7Usl_GVyV09ifr4NFR3Hc4fZbwHD1GuHOC-g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 157ms
156ms XHR
text/html 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOWZUO8iJJJnPCmpOopSqo2PWs6UD8Mlb-hOsIxzGpWfWzbeaowsguyH9NcFjaje9Dy4y891tms4d4jqHqa4dK5OqERmZlIzIvxm7Usl_GVyV09ifr4NFR3Hc4fZbwHD1GuHOC-g==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZIloBS-pnZ1zAn6o76R8dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZIloBS-pnZ1zAn6o76R8dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 1463ms
139ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 3031
etag: W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3703

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 697E 42 B
64 B 168ms
167ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy12UQYys_a65m6p93VlXY8DPlL1whXrs8JjEvbm92dEiNi-loCfhiMZeOkwzQZnVLeR8-XOKNp7QNodmN_WtJwXFhdD4FM7IWtQpKZ8tG5wfNP2u7&sig=Cg0ArKJSzKVjhsJLTeLnEAE&id=lidar2&mcvt=2146&p=1023,235,1113,963&mtos=2146,2146,2146,2146,2146&tos=2146,0,0,0,0&v=20230621&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1547059643&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687751750068&rpt=3006&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame FE74 0
130 B 145ms
144ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame AFF2 0
130 B 145ms
144ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:55 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A8CE 0
130 B 145ms
145ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E798 540 B
626 B 147ms
145ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 700cad2b847833193c198f661c44256f81641817c11f5dcea799a561942d7081

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 26 Jun 2023 03:55:55 GMT
machineid: 3401
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 145ms
144ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&cmcv=&pix=&cb=1687751755670&uv=3290&tms=1687751755670&su=&abt=nonrv_vA!t120!tbt_player!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:55 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 127ms
117ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.sanook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 26 Jun 2023 03:55:56 GMT
via: 1.1 3d4555926457517be3e728d2175d92a2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: VIE50-C2
age: 2766388
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-sof1510039-SOF
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1687751756.045449,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 6RrWc2x4zaGe7BI0hmFGsUr1huLkLXjkJxFg2dogjaq2AdwguPqLpg==
x-cache-hits: 521792

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v134538.391/ 447 KB
84 KB 117ms
117ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v134538.391/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_9_0/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b4b26624c4f906216099957570ea73fa13eb06f5b6f451256eecf803bb86f1b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1686750724
date: Mon, 26 Jun 2023 03:55:56 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 74NA1DSBCW4633XR
age: 1000968
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1686750738
x-amz-meta-mode: 33188
content-length: 85221
x-amz-id-2: w9qrMrIwwjGToQAvYr96UVLUHFXdPP8iSOgysMSY54AEiZps7WW606ywZ3xJ5bchDjL618Kx4z0=
x-served-by: cache-sof1510039-SOF
last-modified: Wed, 14 Jun 2023 13:52:19 GMT
server: AmazonS3-br
x-timer: S1687751756.192474,VS0,VE0
etag: "a03e742eff635b82ad894d429e07d8ec"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 19964

GET
H2

200

rtb-h
sync.taboola.com/sg/freewheelrtb-network/1/ Frame E798
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3570&gdpr=gdpr=0&&gdpr_consent=
https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=40702615c8b07bf058df622541201fb4&gdpr_consent=&gdpr=gdpr%3D0

0
231 B

144ms
143ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=40702615c8b07bf058df622541201fb4&gdpr_consent=&gdpr=gdpr%3D0
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73478

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 03:55:57 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://sync.taboola.com/sg/freewheelrtb-network/1/rtb-h?taboola_hm=40702615c8b07bf058df622541201fb4&gdpr_consent=&gdpr=gdpr%3D0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687751757252016-341
Expires: Mon, 26 Jun 2023 03:55:57 GMT

GET
H2

200

/
sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame E798
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=taboola
https://sync.1rx.io/usersync2/rmpssp?sub=taboola&zcc=1&cb=1687751756190
https://ad.turn.com/r/cs?pid=45&rndcb=1455450389
https://sync.1rx.io/usersync/turn/2992603343639734767?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]

0
231 B

145ms
145ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 73488

Redirect headers

location: https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
date: Mon, 26 Jun 2023 03:55:57 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX47b4185aff3c42928bff911bcd673d4e003
content-type: text/html

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A69E 16 KB
6 KB 134ms
134ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43383
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 26 Jun 2023 03:55:55 GMT
expires: Mon, 26 Jun 2023 15:58:58 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A69E 47 B
227 B 148ms
147ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75859286&p=156307&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 26 Jun 2023 03:55:55 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/ Frame D210 0
231 B 145ms
144ms Document
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=B7B76140-5686-45C7-BDB2-CE3A35903DE0&orig=video&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
date: Mon, 26 Jun 2023 03:55:56 GMT
server: nginx
x-fastly-to-nlb-rtt: 73493

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 216ms
215ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1687751756331&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=134538391&pt=-1864809162&tz=0&viewable=true&ddast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=nonrv_vA!t120!tbt_player!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1&panid=873c5bad2b7f16ebd06e2c2630f2a9fb927a2c1d0d892fb577e429f8df418836
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cc668b0c8278f81636dbf6a6373653d1f94424533bbebab5c8d652752cd07c1e

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 26 Jun 2023 03:55:56 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1428
x-cache: MISS
x-served-by: cache-sof1510039-SOF
pragma: no-cache
server: nginx
x-timer: S1687751756.383174,VS0,VE97
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 469 B
826 B 134ms
134ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:24:50 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 16265
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 469
x-amz-cf-id: WnUU20Iig_oCCuO2eVU-2dJk0Ifar6LwmZjZXR-YgvRVk-Fc3qqSsw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 1154ms
134ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
date: Sun, 25 Jun 2023 09:19:44 GMT
x-amz-cf-pop: FRA56-P6
age: 67001
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: RiR8IFpfTdlaVKf_xJ2IBDzUOGJe2fEKmwkb7w2eugOC-ZSKF5XCJQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 80ms
80ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: XR7EF7H6YR40AMPC
age: 3503
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7dd2847f0f492dcf-TBS
x-amz-id-2: QthhWlzIbsBcSm/J02d9Yl+DWHAOQGPi+HbzMFdVNcjbzzR2uhBFXmUd8XnAOCo9OpdSs9YAFVmcPJ0/IVeXXg==

POST
H3 204 collect
analytics.google.com/g/ Frame E81E 0
17 B 144ms
143ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je36l0&_p=806708042&cid=829687064.1687751747&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2Fvideo%2Fembed%2Fclip%2F1537512%2F%3FplayerType%3Dvideo-js&sid=1687751747&sct=1&seg=1&dr=https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%2F&dt=%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A1%E0%B8%B5%E0%B9%80%E0%B8%81%E0%B8%93%E0%B8%91%E0%B9%8C%20%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%99%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%94%E0%B8%B5%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%E0%B9%86%20%3AEmbed%20Video&en=scroll&ep.content_editor=newsgroup&ep.content_source=newsgroup&ep.content_category=interest&ep.user_session_id=1687751750488.k6g4af9s&ep.content_tag_primary=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88&ep.content_tag_secondary=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87&ep.content_unique_id=1537512&ep.content_editorial_type=user%20generated%20content%20(ugc)&ep.content_number_of_characters=40&ep.content_channel=video&ep.content_page_format=embedplayer&ep.content_tags=%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%99%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%99%E0%B9%83%E0%B8%88%2C%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2CHoroscope%20Clip&ep.content_type=video&ep.adblock_tracker=false&ep.article_read=1&epn.user_non_personalized_ads=2&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 1416ms
133ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

360c36943753e40918a6b878a7c06950ff1aefa4686b196d7815567428f03381

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Mon, 26 Jun 2023 03:55:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 204 perf Show response
il-trc-events.taboola.com/sanook/log/3/ 0
378 B 217ms
216ms XHR
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://il-trc-events.taboola.com/sanook/log/3/perf?route=AM%3AIL%3AV&lti=vis-state-roll-disabled_ctrl
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
pragma: no-cache
date: Mon, 26 Jun 2023 03:55:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 200 984.json Show response
id5-sync.com/g/v2/ 595 B
1 KB 275ms
140ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/984.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

0a02405feb706fcd8240ac4952b9a762168fec6278c3dbeaa828fad80deeed7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 03:55:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 sd
eu-u.openx.net/w/1.0/ Frame 5380 43 B
61 B 145ms
144ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=539901412&val=d6827d6a-9bee-46dc-8c9e-acc4513cf588&gdpr=0&gdpr_consent=
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 match
a4p.adpartner.pro/ssp/ Frame 5380 43 B
458 B 694ms
146ms Image
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=27&user_id=d6827d6a-9bee-46dc-8c9e-acc4513cf588
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:00 GMT
last-modified: Mon, 26 Jun 2023 03:56:00 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 5380 170 B
188 B 162ms
148ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=d6827d6a-9bee-46dc-8c9e-acc4513cf588

Requested by

Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 5380 42 B
722 B 581ms
145ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=d6827d6a-9bee-46dc-8c9e-acc4513cf588&expires=30
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
csync.loopme.me/ Frame 5380 0
128 B 439ms
143ms Image
text/plain 35.214.142.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?partner_id=2157&gdpr=0&gdpr_consent=&uid=d6827d6a-9bee-46dc-8c9e-acc4513cf588
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.142.213 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 213.142.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:56:00 GMT
server: _

GET
H2 200 sync
x.bidswitch.net/ Frame 5380 43 B
146 B 150ms
136ms Image
image/gif 18.197.205.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=364&user_id=d6827d6a-9bee-46dc-8c9e-acc4513cf588&expires=30&gdpr=0&gdpr_consent=
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.205.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-205-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 /
s-cs.rmp.rakuten.com/ Frame 5380 43 B
274 B 921ms
141ms Image
image/gif 34.95.81.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-cs.rmp.rakuten.com/?d=23&uid=d6827d6a-9bee-46dc-8c9e-acc4513cf588
Requested by: Host: d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
URL: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 88.81.95.34.bc.googleusercontent.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:56:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 sd
eu-u.openx.net/w/1.0/ Frame 3D0E 43 B
61 B 157ms
145ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=539901412&val=a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 match
a4p.adpartner.pro/ssp/ Frame 3D0E 43 B
457 B 692ms
147ms Image
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=27&user_id=a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:00 GMT
last-modified: Mon, 26 Jun 2023 03:56:00 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3D0E 170 B
188 B 161ms
149ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=eskimi&google_hm=a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/women/220941/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:55:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 3D0E 42 B
722 B 582ms
144ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=103804&nid=3846&put=a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed&expires=30
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
csync.loopme.me/ Frame 3D0E 0
127 B 436ms
144ms Image
text/plain 35.214.142.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?partner_id=2157&gdpr=0&gdpr_consent=&uid=a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.142.213 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 213.142.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:56:00 GMT
server: _

GET
H2 200 sync
x.bidswitch.net/ Frame 3D0E 43 B
146 B 148ms
136ms Image
image/gif 18.197.205.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=364&user_id=a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed&expires=30&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.205.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-205-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:55:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 /
s-cs.rmp.rakuten.com/ Frame 3D0E 43 B
209 B 920ms
143ms Image
image/gif 34.95.81.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-cs.rmp.rakuten.com/?d=23&uid=a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 88.81.95.34.bc.googleusercontent.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:56:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ Frame E81E 23 KB
9 KB 413ms
132ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1071.min.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/video/embed/clip/1537512/?playerType=video-js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Mon, 26 Jun 2023 03:56:00 GMT
strict-transport-security: max-age=300
x-amz-request-id: REHDDNEGQVKDK3GF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9086
x-amz-id-2: PMa5QbiAbbCx1TauGiZDZqVnyP5J/VoWkRbRL8Ak3j2D/CBp4+STKjGnEayVJZIUBQdOI9g84vM=
x-served-by: cache-mxp6954-MXP
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1687751760.147021,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3

GET
H/1.1 200
OK 8f062114d3 Show response
bam.nr-data.net/1/ Frame E81E 57 B
555 B 700ms
262ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=11779&ref=https://www.sanook.com/video/embed/clip/1537512/&be=586&fe=11343&dc=1520&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1687751748459,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:2,%22rp%22:337,%22rpe%22:338,%22dl%22:399,%22di%22:684,%22ds%22:1519,%22de%22:1519,%22dc%22:11342,%22l%22:11342,%22le%22:11344%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 03:56:00 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=iso-8859-1
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7dd284987da82dcb-TBS
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 3 KB
1 KB 396ms
390ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1687751761334&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=134538391&pt=-1864809162&tz=0&viewable=true&ddast=V8QL8CLAYUpbN0tncZThAoSmfpbO8ynCgAAABgYED8AAksPK6JYWFaSwaDwVo0si3cwtHEs5YNF6uVaWGyGGemISCBhcc1MSxMa8lgMFiLRraFWziaeNay4WK1Mi1MFuPMNAUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e931zzsfr_XrvG7_bq_22X3SyaD5WixlwMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAnjgc0MVpdnqe_gAAAAAAAgAAAIAEAEHHWgkAC6yqE___________MQboM29k_P___98w6AHw4APgQQgAAIDHEMwwPu0Hf5RlIgXSRRgBAAAA2Hp3rj4ySSeoWFT5___vtwJwBQAgALH-Ot03i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohEyEH9MIzUSxq_kFBABY8wsIAMBG3QAAvAmAE3QIWjEYrM5ArlazAwAAAHDn____Xw-IWQzLyczlmxhHu83MtDG5jKuRbWJbGTaOxcRm8p5Ut-Ur9rj58j4hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTQ_E7YYrSaTzXI4Wy4mg-FoOBrtjwAuB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHMZjBx7QaLtWo4sa1Fw8HCrRwMl2uNyWLZjBwTj2lmc4teH9PFOVkuNp4tEgzw2IvkaZFORCOTaeJcDpbLkcM2GdkWi81gMPEYd4PdbmVZzSZiieZkkU5kl33NYlhOZi7fxDjabWamjcllXI1sE9vKsHEsJjaTv7MZTFy7wWKtGk5sa9FwsHArB8PlWmOyWDYjx8RjmtncotfHdHFOlouNZ9-YDXe71WI32u0bs-Fut1rsRrt9h87wXX3ORs_lYO4IhUZnNhu0OQ0Kl8HinapX32hndhD9pkWnTKZWFnRGv9_v9_v9fr_f7zdoPQezQeF7Hv7C6WN5Loez0YPYoFDEEsFFOtE87H6_1yKWKE0X6USv-7tddr9kMliOFhOxRHC6SCeil_F0Uf-RQy7mks1yLhnM5pLFZpUAAAAAAAAAACzBJNNNAAAAAJwMZLac7VbrdBCj2Wg0WC0XwANcgC5gEAAAAAAAgGKNPWYwD7vf77UyAAjBbGabfUYQa7Va1gAAAASwAQAABHDTjTcBqlDc_____zgAAAAycugBAACI7wMCwoxaL_TA5VcQi8FutX8AKsRarVa3G2u1Wg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=nonrv_vA!t120!tbt_player!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1&panid=873c5bad2b7f16ebd06e2c2630f2a9fb927a2c1d0d892fb577e429f8df418836
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: de9c89e4a4210f4beb39842a94ea4ee924d07d3aba3b64ab41281f21c2d7b691

Request headers

Referer: https://www.sanook.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 03:56:01 GMT
content-encoding: gzip
server: nginx
machineid: 1419
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 debug
il-trc-events.taboola.com/sanook/log/2/ 0
89 B 188ms
186ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/2/debug?tim=03%3A56%3A02.848&type=info&msg=FPO%20completed%20running&llvl=2&id=4440&cv=20230620-21-RELEASE&lt=vis-state-roll-disabled_ctrl&pct=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:56:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 120724

GET
H2 204 social
il-trc-events.taboola.com/sanook/log/3/ 0
362 B 189ms
188ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/sanook/log/3/social?route=AM:IL:V&lti=vis-state-roll-disabled_ctrl&ri=4dd4b99099da62d611300bc87077e256&sd=v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB&ui=330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3&pi=/women/220941&wi=-3636414332327407013&pt=text&vi=1687751747699&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22like%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fwomen%2F220941%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22%E2%80%9C%E0%B8%89%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B9%82%E0%B8%84%E0%B8%A7%E0%B8%B4%E0%B8%94-19%E2%80%9D%20%E0%B8%AD%E0%B8%A2%E0%B8%B2%E0%B8%81%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%97%E0%B8%B3%E0%B9%80%E0%B8%AD%E0%B8%87%20%E0%B8%AB%E0%B8%A3%E0%B8%B7%E0%B8%AD%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%84%E0%B8%AB%E0%B8%99%E0%B8%A1%E0%B8%B5%E0%B8%82%E0%B8%B2%E0%B8%A2%E0%B8%9A%E0%B9%89%E0%B8%B2%E0%B8%87%22%2C%22sec%22%3A%22Baby%27s%20Food%2CBeauty%2CBeauty%2CBeverage%2CBobbi%20Brown%2CBusiness%20Owners%2CChanel%2CClinique%2CCoffee%2CCooking%2CDessert%2CDining%2CEstee%20Lauder%2CFamily%2CFashion%2CFashion%20Trends%2CFitness%2CFood%2CHair%2CHealth%2CJewelry%2CLancome%2CLaneige%2CLoreal%2CMake%20up%2CNew%20Mom%2COOTD%2CParenting%2CPregnant%2CRecipe%2CRecipe%2CRestaurant%2CSKII%2CShiseido%2CSingle%20Mom%2CSkin%20Care%2CSurgery%2CWomen%22%2C%22aut%22%3A%5B%22S!%20Women%20(Rewrite)%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs.isanook.com%2Fwo%2F0%2Fud%2F44%2F220941%2F220941-thumbnail.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A56%3A02.859&id=5325&llvl=2&cv=20230620-21-RELEASE&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/women/220941/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Jun 2023 03:56:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=taboola

Domain: ih.adscale.de
URL: https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__

Domain: trace.mediago.io
URL: https://trace.mediago.io/ju/cs/taboola

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE5KU74Mc1L6qXJdSXnrETA&google_cver=1&google_push=ATf1kGO55eT7NnxWtSLYPiduyDx93AoEvyyWTh98cPtMmOz7ndDGRoNVnGPFfsUZ0N7-hMRdmYKqTsFWesrfpZOjX1uRbKPsWNfr

Domain: onetag-sys.com
URL: https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENptbnWVgmsDSRCLdVjq6oo&google_cver=1&google_push=ATf1kGN7x5D9b0EAIe_3-DBxOlpVNiCb_VuEC7Y8smPsz6xh3ev4ZRAw0nz0ADh8j1jYmsjWvQU1YQ1wO1u_fsFxg0ONT7qDzxoo

Domain: rtb.openx.net
URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE5KU74Mc1L6qXJdSXnrETA&google_cver=1&google_push=ATf1kGNACiQoNfJ6H-jMGyZwQvWV5f2T29CoWK_90HpZyYqhNnrqzKLLz9rr_abX9-WMTpZBF8pM1uLp0tp-iGOZOXBQXoAvOLiY

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0

Domain: onetag-sys.com
URL: https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENptbnWVgmsDSRCLdVjq6oo&google_cver=1&google_push=ATf1kGMJxGeQXNKsEyYrZqKaUfjrgoge68dpE6y5oXCljdzB6auHAzl4dFC1yT5zD_gpO0XndfEt8w7AU79eLy_CKEw9ueFybnk9ZQ

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMzYFPAD1SnFNFBgcALnReyhsHJnVL7GUtLoLE9afapQTaoFcOsIJV8F1Sizbrn6AWBq7j121PFgKALomLM7S_y6u-yPza8u4quEGsM8TzH4p6fspP&sig=Cg0ArKJSzLt6HfKGVOMHEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230621&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1396602897&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1687751749667&rpt=1704&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvA8YmC3trkgo47NSOCpfg33SOU44X468lXLHjVDkfM7dEUNUHHfChuV435efv3fYqIWUFKg-llbtX3L7pXW_j_9D7XseijvFuMq1XjduWIfysu7Krq&sig=Cg0ArKJSzOOPxWBiHyd9EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230621&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=178697795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1687751752132&rpt=588&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Verdicts & Comments Add Verdict or Comment

802 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

181 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sanook.com/women/220941	1969-12-31 23:59:59	Name: verify Value: test
.taboola.com/sanook/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_fb092fe7b8473f4cde85d6b6e0c11bfd_330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3_1687751747_1687751747_CNawjgYQgeA9GPPQ366PMSABKAEwTzj74glAho4QSLLZ2ANQ____________AVgAYABosa_ptcr9986tAXAB
.sanook.com/	1970-01-20 14:58:47	Name: _gcl_au Value: 1.1.1312455546.1687751746
.sanook.com/	1970-01-20 14:58:47	Name: _fbp Value: fb.1.1687751745900.417076920
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose45879 Value: 1
.sanook.com/	1970-01-20 21:34:47	Name: _uid45879 Value: 2AFC8DE8.1
.sanook.com/	1970-01-20 12:49:12	Name: _ctout45879 Value: 1
.doubleclick.net/	1970-01-20 22:25:11	Name: IDE Value: AHWqTUldEptwAK9AOyImNbMeLUbUkJzpYZruol2LFzWsMtgOgRVbVlz2gIMqKcn9
.sanook.com/	1970-01-20 21:34:47	Name: sa_optout Value: 2
.sanook.com/	1970-01-20 21:34:47	Name: dc_optout Value: 2
.sanook.com/	1970-01-20 21:34:47	Name: ads_optout Value: 2
.sanook.com/	1970-01-20 12:50:38	Name: _gid Value: GA1.2.1856301452.1687751747
.sanook.com/	1970-01-20 12:49:11	Name: _gat_UA-8147095-6 Value: 1
www.sanook.com/	1970-01-20 13:32:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.scorecardresearch.com/	1970-01-20 22:25:11	Name: UID Value: 1C03d0ca23053d7bb399d3d1687751747
.izooto.com/	1970-01-20 22:25:11	Name: IZCID Value: 60a87b21-3c88-4381-a023-c7c56a9fdcc0
.criteo.com/	1970-01-20 22:10:47	Name: uid Value: 23147ba8-9dce-4280-9b33-0326e7f1884a
.www.sanook.com/	1970-01-20 12:50:38	Name: freq.5f73e63e47e7040e00000000 Value: 1
.sanook.com/	1970-01-20 22:10:47	Name: cto_bundle Value: eCWlIF9PTW1uZmZLJTJCbTB4eFg5Y1NNQnRxdHRjMW5tSUo1ZVI0Mk9LeEpHUzhLdEZaU09RWWUlMkY0SFlVSyUyQnVrb2hyODFVbHAxVjdpeGRzNzV0bjQwcE9Mb2tWdEk4VWJnYmhKclN6c3ZUYSUyQmpXT0dKWjhDRU9YMld6NUhrZUhzY1VSZWs1TEF2UlpFTHQ4a2RwalRxaFRGVXlkUSUzRCUzRA
.sanook.com/	1970-01-20 22:25:11	Name: _sa Value: SA1.2.1893576059.1687751748
.innity.com/	1970-01-20 22:25:11	Name: iUUID Value: 67ac1c270c2e1f591648c9eeff45189b
.sanook.com/	1970-01-20 22:25:11	Name: iUUID Value: 67ac1c270c2e1f591648c9eeff45189b
.sanook.com/	1970-01-20 12:49:13	Name: innity.dmp.225.sess.id Value: 261462602.225.1687751748749
.sanook.com/	1970-01-20 12:50:38	Name: innity.dmp.cks.innity Value: 1
.taboola.com/	1970-01-20 21:34:47	Name: t_gid Value: 330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3
www.sanook.com/	1970-01-20 21:34:47	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3
.teads.tv/	1970-01-20 21:33:21	Name: tt_viewer Value: 96049c1b-440a-473e-a196-583506671acd
avd.innity.com/	1970-01-20 12:50:38	Name: geo Value: AS%3BGeorgia%3BGE%3B%3B%3B
.sanook.com/	1970-01-20 22:10:47	Name: __gads Value: ID=cf0ad2e6d8320016:T=1687751749:RT=1687751749:S=ALNI_MaJaiBOdaDQyIg_jt_1XuMZRzmQfw
.sanook.com/	1970-01-20 22:10:47	Name: __gpi Value: UID=00000c346cf2c846:T=1687751749:RT=1687751749:S=ALNI_MbWOGc5CH7c9vkHXYk_cASCwasBAA
.pubmatic.com/	1970-01-20 21:34:47	Name: KADUSERCOOKIE Value: B7B76140-5686-45C7-BDB2-CE3A35903DE0
.openx.net/	1970-01-20 21:34:47	Name: i Value: 5c6018af-964c-41fa-8681-b808826972f2\|1687751750
.bidswitch.net/	1970-01-20 21:34:47	Name: tuuid Value: c34bfbe5-d3c8-4220-bb90-84a9e8560152
.bidswitch.net/	1970-01-20 21:34:47	Name: c Value: 1687751750
.adsrvr.org/	1970-01-20 21:36:14	Name: TDID Value: 5e7202d9-6874-499f-945e-f77f754f1896
.crwdcntrl.net/	1970-01-20 19:17:56	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 19:17:56	Name: _cc_id Value: eb6079d1e598c4acd9508a7f7c38cd63
.adform.net/	1970-01-20 13:32:23	Name: C Value: 1
www.sanook.com/	1970-01-20 12:49:15	Name: _lr_retry_request Value: true
www.sanook.com/	1970-01-20 13:32:23	Name: _lr_env_src_ats Value: false
.sanook.com/	1970-01-20 19:17:59	Name: _cc_id Value: eb6079d1e598c4acd9508a7f7c38cd63
.mathtag.com/	1970-01-20 22:15:06	Name: uuid Value: ee416499-0c47-4900-9866-75ceeafb321f
.bidswitch.net/	1970-01-20 21:34:47	Name: tuuid_lu Value: 1687751751
.crwdcntrl.net/	1970-01-20 19:17:59	Name: _cc_aud Value: "ABR4XmNgYGBImcnjDqSgAAAQ7AFR"
.adform.net/	1970-01-20 14:15:35	Name: uid Value: 976055358127449841
.casalemedia.com/	1970-01-20 21:34:47	Name: CMID Value: ZJkMRw7ibFhG2uyiH-3BUQAA
.casalemedia.com/	1970-01-20 14:58:47	Name: CMPS Value: 5142
.casalemedia.com/	1970-01-20 14:58:47	Name: CMPRO Value: 5142
.yahoo.com/	1970-01-20 21:35:09	Name: A3 Value: d=AQABBEcMmWQCEK8S0Qy1eJxNh-DpQ5cWJMcFEgEBAQFdmmSiZEfWPzIB_eMAAA&S=AQAAAru54U0X02Ru8fF089h0-jw
.analytics.yahoo.com/	1970-01-20 21:34:47	Name: IDSYNC Value: 18z8~2cff
.sanook.com/	1970-01-20 22:25:11	Name: _ga Value: GA1.1.829687064.1687751747
.sanook.com/	1970-01-20 12:50:38	Name: panoramaId_expiry Value: 1687838151199
.sanook.com/	1970-01-20 12:50:38	Name: panoramaId Value: 873c5bad2b7f16ebd06e2c2630f2a9fb927a2c1d0d892fb577e429f8df418836
www.sanook.com/	1970-01-20 14:15:35	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%225e7202d9-6874-499f-945e-f77f754f1896%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-05-26T03%3A55%3A51%22%7D
.lijit.com/	1970-01-20 21:34:47	Name: ljt_reader Value: G4NrsQZHRl36T6v3QlqSEEim
.sanook.com/	1970-01-20 22:25:11	Name: _ga_M0RYDTKBFK Value: GS1.1.1687751747.1.1.1687751751.56.0.0
.sanook.com/	1970-01-20 12:49:13	Name: innity.dmp.225.sess Value: 2.1687751748749.1687751748749.1687751751625
.lijit.com/	1970-01-20 21:34:47	Name: _ljtrtb_42 Value: 330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3
.openx.net/	1970-01-20 13:10:47	Name: pd Value: v2\|1687751752\|gen0vNiygu
.bidswitch.net/	1970-01-20 12:49:12	Name: google_push Value: ATf1kGMH-Nk7uFaL3mmX_F0gsYNksxPTQbFEDUq2WnzkBDN5i1dCzYHs1tgd9KVZX7DJ2G4cdvFxkEXwD3qxaO3IPao1IEPPzgts
.mfadsrvr.com/	1970-01-20 22:25:11	Name: c Value: 1687751752
.mfadsrvr.com/	1970-01-20 22:25:11	Name: tuuid_lu Value: 1687751752
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_80 Value: 16514-CAESEGWRv0GZWp5Q9lfvJtOlbtY&KRTB&22987-CAESEGWRv0GZWp5Q9lfvJtOlbtY&KRTB&23025-CAESEGWRv0GZWp5Q9lfvJtOlbtY&KRTB&23386-CAESEGWRv0GZWp5Q9lfvJtOlbtY
.bidr.io/	1970-01-20 22:17:45	Name: bitoIsSecure Value: ok
.openx.net/	1970-01-20 13:10:47	Name: univ_id Value: 537072971\|5e7202d9-6874-499f-945e-f77f754f1896\|1687751752538486
.mfadsrvr.com/	1970-01-20 22:25:11	Name: tuuid Value: 804f59f7-bc60-484a-9eed-7698cacb7469
.mfadsrvr.com/	1970-01-20 22:25:11	Name: ssh Value: !taboola,1687751752
.bumlam.com/	1970-01-20 22:25:11	Name: suuid3 Value: IiQ1ODY1YzMzMi0xM2Q1LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.audrte.com/	1970-01-20 13:10:47	Name: arcki2 Value: 348wjCTU7ORQuev1--pH3p1og!20220908!1687751752704!ip#91.239.206.213
.audrte.com/	1970-01-20 13:10:47	Name: arcki2_pubmatic Value: B7B76140-5686-45C7-BDB2-CE3A35903DE0!20220908!1687751752708
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_27 Value: 16735-uid:ee416499-0c47-4900-9866-75ceeafb321f&KRTB&16736-uid:ee416499-0c47-4900-9866-75ceeafb321f&KRTB&23019-uid:ee416499-0c47-4900-9866-75ceeafb321f&KRTB&23114-uid:ee416499-0c47-4900-9866-75ceeafb321f
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_377 Value: 6810-5e7202d9-6874-499f-945e-f77f754f1896&KRTB&22918-5e7202d9-6874-499f-945e-f77f754f1896&KRTB&22926-5e7202d9-6874-499f-945e-f77f754f1896&KRTB&23031-5e7202d9-6874-499f-945e-f77f754f1896
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_391 Value: 22924-976055358127449841&KRTB&23263-976055358127449841&KRTB&23481-976055358127449841
.pubmatic.com/	1970-01-20 14:58:47	Name: DPSync3 Value: 1688947200%3A235_227_226_219_197_201_245_241
.pubmatic.com/	1970-01-20 14:58:47	Name: SyncRTB3 Value: 1688947200%3A56_55_81_249_176_161_46_71_54_243_166_7_3_234_238_88_233_21_13_22_8_165_254_99_204_251_214_220%7C1688342400%3A15_223_2%7C1690329600%3A203%7C1688601600%3A63%7C1692921600%3A69%7C1689033600%3A35
.bidr.io/	1970-01-20 22:17:45	Name: bito Value: AAAaCk7JMhkAACA-NRli0w
.audrte.com/	1970-01-20 13:10:47	Name: arcki2_ddp2 Value: 348wjCTU7ORQuev1--pH3p1og!20220908!1687751753140
.dotomi.com/	1970-01-20 12:49:11	Name: DotomiTest Value: 7cac6b470cb5240e
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_466 Value: 16530-c34bfbe5-d3c8-4220-bb90-84a9e8560152
.pubmatic.com/	1970-01-20 14:58:47	Name: KRTBCOOKIE_699 Value: 22727-AAAaCk7JMhkAACA-NRli0w
.zeotap.com/	1970-01-20 21:34:47	Name: zc Value: a8ac3d4d-87d7-4f06-4c69-6ba801c2667f
.sanook.com/	1970-01-20 21:34:47	Name: FCNEC Value: %5B%5B%22AKsRol_i_uKVn6dsrd-1kZ4Nu2_A1f-hnL1QHsPjqdmzbuzc7iCdfa3hjXw_pk6oJIR11h6l4jgxDLmNGSZ9roEHUUhp9mrfkj5Lv-qCRolFftt5T9rH3St4F_RtXEZExsFJHXDhZmZmFLHbeeVw6CpH7lcZEkjDqw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.3lift.com/	1970-01-20 14:58:47	Name: tluid Value: 3558115258327416138625
.go.sonobi.com/	1970-01-20 13:32:23	Name: __uis Value: 57439a8a-80a9-45d0-800e-78cd74cabc7e
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8591\|ZJkMT
.rqtrk.eu/	1970-01-20 12:59:16	Name: browser_id Value: 1:443506a5-75c4-42cd-9bb5-5c940b860e25
.everesttech.net/	1970-01-20 21:34:47	Name: everest_g_v2 Value: g_surferid~ZJkMSQAUrCqqsQBa
.gammaplatform.com/	1970-01-20 12:50:38	Name: _aGeoIp Value: GB\|Walton_le_Dale
.tribalfusion.com/	1970-01-20 14:58:47	Name: ANON_ID Value: axnsIHsKBRhFmDqU7pumlgAGJt5PCqkbZa91rMHmUqEwab55HnQ56xa9ERGo7ZbZbFZavv9b1Zb3WYNZcgrnPGaCMiCl69
.onaudience.com/	1970-01-20 12:50:38	Name: done_redirects104 Value: 1
.adkernel.com/	1970-01-20 13:32:23	Name: ADKUID Value: A7818322809194813312
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.ctnsnet.com/	1970-01-20 21:34:47	Name: cid_a371041e41ee494082a2fcfd4159d57e Value: 1
.ctnsnet.com/	1970-01-20 21:34:47	Name: cid_dac93c5af3b4476186a65ef57432e39b Value: 1
.ctnsnet.com/	1970-01-20 21:34:47	Name: cid_197f7148295c4edd871cf930bf7940ab Value: 1
.rfihub.com/	1970-01-20 22:10:47	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFubmpobmpiYmgAAGey-rQQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrUwsjA3MTQyMRPiM9QNcQz2LUrOsCgvdfMFANUIvpslAAAA
.rfihub.com/	1970-01-20 22:10:47	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrUwsjA3MTQyMRPiM9QNcQz2LUrOsCgvdfMFANUIvpslAAAA
.onaudience.com/	1970-01-20 21:34:47	Name: cookie Value: 138885ac5e081557
.gammaplatform.com/	1970-01-20 22:25:11	Name: _aUID Value: a6tml745w70l
.sitescout.com/	1970-01-20 21:34:47	Name: ssi Value: a916684b-f1ee-4080-9a73-71a298175d5e#1687751754533
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_18 Value: 22947-5140084925828741246
.amazon-adsystem.com/	1970-01-20 17:21:21	Name: ad-id Value: A1OCdCn3y07ugPfG3Rp1G4c
.amazon-adsystem.com/	1970-01-20 22:25:11	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_1310 Value: 23431-a6tml745w70l&KRTB&23446-a6tml745w70l&KRTB&23465-a6tml745w70l
ads.playground.xyz/	1970-01-20 12:58:03	Name: connect.sid Value: s%3APPfoxXIB8qb6UFDeyPNb3l1vsWfkXv3_.wolNffmCwGkvkv9usl2lQf4%2BT59Mltx1iqrACpckE1g
.yandex.ru/	1970-01-20 22:25:11	Name: yuidss Value: 7693006451687751754
.yandex.ru/	1970-01-20 22:25:11	Name: yandexuid Value: 7693006451687751754
.rubiconproject.com/	1970-01-20 21:34:47	Name: khaos Value: LJCBTGRE-O-6ART
.adx.opera.com/	1970-01-20 21:34:47	Name: UID Value: OPU0871f15e85b843abbda74881417f8cbc
.pubmatic.com/	1970-01-20 14:58:47	Name: KRTBCOOKIE_32 Value: 11175-AAAM-uDbUM85CwNhGQY6AAAAAAA&KRTB&22713-AAAM-uDbUM85CwNhGQY6AAAAAAA&KRTB&22715-AAAM-uDbUM85CwNhGQY6AAAAAAA
.sitescout.com/	1970-01-20 13:32:23	Name: _ssuma Value: eyI0NSI6MTY4Nzc1MTc1NTMxMn0
.pubmatic.com/	1970-01-20 13:32:23	Name: SPugT Value: 1687751753
.e-volution.ai/	1970-01-20 13:09:21	Name: ADK_EX_193 Value: 1
.pubmatic.com/	1970-01-20 14:58:47	Name: KRTBCOOKIE_188 Value: 3189-a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745&KRTB&23418-a916684b-f1ee-4080-9a73-71a298175d5e-64990c4a-4745
.onaudience.com/	1970-01-20 12:50:38	Name: done_redirects147 Value: 1
.e-volution.ai/	1970-01-20 13:32:23	Name: ADKUID Value: A7818322809194813312
.semasio.net/	1970-01-20 21:34:47	Name: SEUNCY Value: 56ACE7A46C11F6E3
.adsby.bidtheatre.com/	1970-01-20 12:59:16	Name: __kuid Value: a4def9fa-76ee-464c-9d3b-a544bf32ab96.456965755
.onaudience.com/	1970-01-20 12:50:38	Name: done_redirects200 Value: 1
.audrte.com/	1970-01-20 13:10:47	Name: arcki2_adform Value: 976055358127449841!20220908!1687751755755
.onaudience.com/	1970-01-20 12:50:38	Name: done_redirects282 Value: 1
.onaudience.com/	1970-01-20 12:50:38	Name: done_redirects219 Value: 1
.pubmatic.com/	1970-01-20 14:58:47	Name: KRTBCOOKIE_57 Value: 22776-8739825237432947340&KRTB&23339-8739825237432947340
.adsrvr.org/	1970-01-20 21:36:14	Name: TDCPM Value: CAEYASABKAIyCwic9-eY_4D7OxAFOAFaB3hrc3c5bGFgAg..
.turn.com/	1970-01-20 17:08:23	Name: uid Value: 2992603343639734767
.zeotap.com/	1970-01-20 12:50:38	Name: zsc Value: P%16%BE%807%1F%BAw%60_%97Q%ED%29%CEt%D1%40%25X%CCML%B6%C3H%92%2A%3F%8C%B0%CD%9B%D8%F1Ez%F3n%EFag%D0%3B%04%EC%C3%E7%DA%F7%17%DE9J%3A%16%D3p+%21%1E%90ge%05%C9%9C5%03%15-%7DjS%83%DA%C7%B1%09%B3%1Ez8
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_22 Value: 14911-2992603343639734767&KRTB&23150-2992603343639734767
.pubmatic.com/	1970-01-20 14:58:47	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-20 12:50:38	Name: pi Value: 156307:3
.ads.pubmatic.com/	1970-01-20 12:50:38	Name: pubsyncexp Value: 1687773356153
.adnxs.com/	1970-01-20 14:58:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Io/(xc!]tbPl1M>e)ZlrFUfJ+tGXxoy[GbnvT'k8?Y2Cj>:=UhwQ2hRvc?00W>V<7Z3If)y3KL9D3I?+5S??D/
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_409 Value: 22966-NOvcHvPGbYSSSVgjVnaSbVVT
.bluekai.com/	1970-01-20 17:12:42	Name: bku Value: wXT99Wy1ZVxhTgXg
.bluekai.com/	1970-01-20 17:12:42	Name: bkpa Value: KJy9cyeQd02pSUHknpD0BpA8wtkAwEz6RV/01Z1pmezNRZBMBExe9J9QY1G=
.smartadserver.com/	1970-01-20 22:19:26	Name: TestIfCookieP Value: ok
.1rx.io/	1970-01-20 21:34:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003%22%2C%22nxtrdr%22%3Afalse%7D
.smartadserver.com/	1970-01-20 22:19:26	Name: pid Value: 6969356763543104485
.smartadserver.com/	1970-01-20 21:36:14	Name: csync Value: 127:AAAaCk7JMhkAACA-NRli0w
.targeting.unrulymedia.com/	1970-01-20 21:34:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-47b4185a-ff3c-4292-8bff-911bcd673d4e-003%22%7D
.adnxs.com/	1970-01-20 14:58:47	Name: uuid2 Value: 731412336073080856
.id5-sync.com/	1970-01-20 12:49:12	Name: cf Value:
.id5-sync.com/	1970-01-20 12:49:12	Name: cip Value:
.id5-sync.com/	1970-01-20 12:49:12	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:49:12	Name: car Value:
.id5-sync.com/	1970-01-20 12:49:12	Name: gdpr Value:
.demdex.net/	1970-01-20 17:08:23	Name: demdex Value: 76286581780712167101442776588903371845
.adfarm1.adition.com/	1970-01-20 14:58:47	Name: UserID1 Value: 7248838604383385740
.dpm.demdex.net/	1970-01-20 17:08:23	Name: dpm Value: 76286581780712167101442776588903371845
.weborama.fr/	1970-01-20 22:15:06	Name: AFFICHE_W Value: qJdzEsjWhfyo95
.simpli.fi/	1970-01-20 21:36:14	Name: suid Value: A546D3DEA34C4FD6A5CF52B366EC131C
.pubmatic.com/	1970-01-20 13:32:23	Name: KRTBCOOKIE_1101 Value: 23040-7248838604383385740&KRTB&23369-7248838604383385740
sync.srv.stackadapt.com/	1970-01-20 21:34:47	Name: sa-user-id Value: s%3A0-1f21840c-f627-5831-5bf2-191c98ba977e.0%2BQCRMLLB%2Bk5wZ%2F%2Bsy4TeOHzh7%2BfYjKsVypcqyLObv0
sync.srv.stackadapt.com/	1970-01-20 21:34:47	Name: sa-user-id-v2 Value: s%3AHyGEDPYnWDFb8hkcmLqXflvvztU.f4PnGNcpxWOPdywyIDyG9f8evsjeGxKBiTUAwUYKIKo
.srv.stackadapt.com/	1970-01-20 21:34:47	Name: sa-user-id-v2 Value: s%3AHyGEDPYnWDFb8hkcmLqXflvvztU.f4PnGNcpxWOPdywyIDyG9f8evsjeGxKBiTUAwUYKIKo
.id5-sync.com/	1970-01-20 14:58:47	Name: id5 Value: 091ec4d8-0973-7081-a628-0dac5c856a62#1687751752497#3
.pubmatic.com/	1970-01-20 14:58:47	Name: KRTBCOOKIE_860 Value: 16335-HyGEDPYnWDFb8hkcmLqXflvvztU&KRTB&23334-HyGEDPYnWDFb8hkcmLqXflvvztU&KRTB&23417-HyGEDPYnWDFb8hkcmLqXflvvztU&KRTB&23426-HyGEDPYnWDFb8hkcmLqXflvvztU
.contextweb.com/	1970-01-20 21:34:47	Name: pb_rtb_ev Value: 3-1lda\|7dN.0.AAAaCk7JMhkAACA-NRli0w
.contextweb.com/	1970-01-20 21:27:35	Name: V Value: F5r1xky5iPPR
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 74d695a2077a566a
.id5-sync.com/	1970-01-20 14:58:47	Name: 3pi Value: 464#1687751752646#-1696650173#330b5701-58b6-480a-9089-cdb23d1bc4ff-tuctb9291c3\|3#1687751752948#-985387177#ee416499-0c47-4900-9866-75ceeafb321f\|19#1687751755446#243409887#eb6079d1e598c4acd9508a7f7c38cd63\|485#1687751758487#1320713277\|165#1687751759354#2073154001\|264#1687751753437#-1010885890#5e7202d9-6874-499f-945e-f77f754f1896\|104#1687751758770#-1832600847#c34bfbe5-d3c8-4220-bb90-84a9e8560152\|285#1687751757479#1312278101#LJCBTGRE-O-6ART
.id5-sync.com/	1970-01-20 12:49:12	Name: callback Value:
.metadsp.co.uk/	1970-01-20 21:34:47	Name: ruuid Value: 899a20bf-5e43-4182-9f5b-3c7dccf63804
.metadsp.co.uk/	1970-01-20 21:34:47	Name: c Value: 1687751759
.metadsp.co.uk/	1970-01-20 21:34:47	Name: ruuid_lu Value: 1687751759
.eskimi.com/	1970-01-20 13:32:23	Name: __eConsent Value: 1
.eskimi.com/	1970-01-20 13:09:21	Name: __eP Value: 1
.eskimi.com/	1970-01-20 13:32:23	Name: __eDId Value: a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed
.w55c.net/	1970-01-20 22:19:26	Name: wfivefivec Value: yTw0vAQn1QdDkz5
.w55c.net/	1970-01-20 13:32:23	Name: matchopenx Value: 5
.smaato.net/	1970-01-20 13:19:26	Name: SCM Value: 055ac3d2
.smaato.net/	1970-01-20 13:04:18	Name: SCMg Value: 055ac3d2
.csync.loopme.me/	1970-01-20 15:01:40	Name: viewer_token Value: 42e1df53-4880-445b-b321-ce24bae48aa3
.rubiconproject.com/	1970-01-20 21:34:47	Name: audit Value: 1\|NCB+x9u7UfJyuRpw2gNwpNh9+OkwXNxQOGdETZn5oMuGGao+ISL+O2eOMfAwHG8jivuKWMb6fb9CqQ3+tQhlLHMDvubSxZCGZ60cWpGl5GR/GuxdKCOxK0p6V9Sqzm2lpmvllXEtYN4=
a4p.adpartner.pro/	1970-01-20 14:15:35	Name: apuid Value: d3d65c64-3986-4f9a-a634-7328e5f798e1
a4p.adpartner.pro/	1970-01-20 21:34:47	Name: buyeruid_27 Value: a6fdd2e5-e97e-4f70-a6e0-e99c659c01ed
.rmp.rakuten.com/	1970-01-20 13:32:23	Name: Rp Value: c23fc6a9fd811c1d64351a51c48164990c505ff005427e20
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 908a82e266a04025
.pubmatic.com/	1970-01-20 14:58:47	Name: KRTBCOOKIE_1305 Value: 23413-B7B76140-5686-45C7-BDB2-CE3A35903DE0&KRTB&23479-B7B76140-5686-45C7-BDB2-CE3A35903DE0&KRTB&23408-B7B76140-5686-45C7-BDB2-CE3A35903DE0
.pubmatic.com/	1970-01-20 13:32:23	Name: PugT Value: 1687751759

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
javascript	error	URL: https://www.sanook.com/women/220941/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
ajax.googleapis.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
an.yandex.ru
analytics.google.com
api.rlcdn.com
apiu.sanook.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c4d7db2e0658565e84fde56f994de857.safeframe.googlesyndication.com
cc.adingo.jp
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.streamroot.io
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d0d8b8e6b737a493004210cba1ad57b8.safeframe.googlesyndication.com
d5p.de17a.com
dc.sanook.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
ih.adscale.de
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img-as.fsanook.com
imprammp.taboola.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
js-agent.newrelic.com
lb.eu-1-id5-sync.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
rtbdemand.apiip.net
s-cs.rmp.rakuten.com
s.ad.smaato.net
s.isanook.com
s.tribalfusion.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.pubmatic.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
win.eskimi.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.ge
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
api.rlcdn.com
cms.quantserve.com
core.iprom.net
d5p.de17a.com
ih.adscale.de
onetag-sys.com
pagead2.googlesyndication.com
rtb.openx.net
tg.socdm.com
trace.mediago.io
104.18.217.65
104.18.24.173
104.22.53.86
104.75.89.75
108.138.1.25
108.138.36.27
119.81.216.16
13.32.99.90
130.211.27.62
138.199.36.11
141.226.224.32
141.226.228.48
141.94.171.213
141.94.171.214
141.94.242.206
141.95.32.69
142.250.181.226
142.250.181.227
142.250.184.202
142.250.184.238
142.250.185.198
142.250.186.104
142.250.186.129
142.250.186.130
142.250.186.132
142.250.186.34
142.250.186.66
142.250.186.74
15.197.193.217
151.101.129.229
151.101.129.44
151.101.130.49
151.101.194.137
157.240.0.35
157.240.0.6
162.19.138.120
162.19.138.83
162.247.241.14
162.55.120.196
172.217.16.194
172.217.16.206
172.217.18.1
172.67.13.182
174.137.133.49
178.250.1.11
178.250.1.3
178.250.1.9
178.250.7.10
18.197.205.97
18.66.190.226
185.106.33.48
185.29.132.245
185.64.189.112
185.64.190.78
185.64.190.82
185.64.191.210
185.80.39.216
185.86.138.152
185.86.139.94
188.114.97.3
193.0.160.130
195.5.165.20
198.47.127.20
198.47.127.205
2.18.160.221
2.22.155.137
203.151.128.172
203.151.130.72
203.151.133.6
203.154.58.214
207.120.34.9
208.93.169.131
213.180.193.90
216.239.34.181
216.239.38.178
216.52.2.86
216.58.212.130
23.32.184.192
23.55.161.187
3.123.57.37
3.251.46.15
3.75.62.37
31.172.81.158
34.102.146.192
34.102.163.6
34.102.253.54
34.107.231.31
34.111.129.221
34.120.135.53
34.120.139.69
34.95.81.88
34.96.70.87
34.98.64.218
35.156.85.133
35.186.193.173
35.186.201.99
35.190.39.111
35.204.74.118
35.210.239.72
35.214.142.213
35.244.159.8
37.157.5.84
37.252.171.21
37.252.171.53
43.152.29.11
43.152.29.12
43.152.29.14
46.228.164.11
46.228.174.117
51.83.220.94
52.193.179.39
52.220.229.2
54.155.201.15
54.173.30.48
54.217.171.212
54.229.146.125
54.84.97.211
61.91.93.45
64.158.223.137
64.227.64.62
64.233.167.154
67.220.228.200
69.16.175.42
69.166.1.12
69.173.144.165
72.251.245.179
76.223.111.18
77.243.51.121
82.145.213.8
85.114.159.93
95.101.149.35
98.98.134.242
99.81.116.28
99.86.4.21
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0128f335c3135cb6bd02909187da5fd3d91463b5cdc075b093a8a1b02ecd9799
01dda40652ac6a6c59e1e8def4908344d05ef937638c5c15e723bb5fde73d480
01e13c69146713fb8eaa0f7d914a8374abab753a3e7070468c11ce227320d26f
0243816ae4ef10bd54c4dba1a5519766107b237cf4603fa15d76d16bcb95dae5
033cbccbd3f7efaf55b2cbd9418ba13d4a469247ba5db6d87cfdc8596057218c
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1
04dd17131968a07c34224fb2e34a25d3bdd06fed40c6025f20ecdfc9e6eff2a0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
08c2f10b804d480e20f6dd68368affea57114a6bb96a05debcf456d9c06e3672
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a02405feb706fcd8240ac4952b9a762168fec6278c3dbeaa828fad80deeed7d
0a0c71cb2232ffdde95f07b0f6e9a794907328f3f27688ebc789dc1d727f534d
0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0
0cc22e22c095d1f43354a15286ed3290122650402c216bba29192c0301a4dccd
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0dd8fc60dd2b16b2caa3910eb6e7f9f539f749e895ae41c101fa2c3d6d7106d7
0e370d2c1637faf523ead54d8be7c7d6027702b43c1fbfdc219b4c46bec233c8
0e7180a71dde7d28bbb50ea73c1f2687ac78e876e393870c9b9a3b57f7b95986
0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330
0f24144d2a5d74b60d92c39538d244d619bab0e0b3cf28780f0455c4c6f09a3e
10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead
10d0f3790a633e0dd1625e0fd9867bc2d8f8d28fa0195f3927eda5cef45641ae
118953d8a83c1ff120e5a1f85e67a43d2c2b138935a6c7533a24830d282b46e0
12033e73be050321fdc3d2756f9970c1423c57bd877e8c316cb023b67ecd34df
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
133c876619684ced5951e6115df5ad49cd2ec351511f2c5368f3991205e78ef7
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
14642d9bda67d96a5291f33bb8c703967c8f2ac0214efe41b0c453aaa369cc6e
149cc475b3e47b0387d2f935c6e5702f1dd02d9e11044065dd6aa2bec35d6e50
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ffd992b267b58bcd693f5dfce5291e28e4ce09e5838be00eb26c6b4ff618a2
19420defb20241086bf847a0c6c7cf44bd985cf7a939669755fd679f5eded955
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b8ae9585b6cf1b2e44f3326f61905d2dcff7f35a7a31b7334f800ad6367b8d6
1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d2af190c50b253938d0bd45e907ae7981359dc7224bbc020c518d449cadad09
1fa2366a889f680dcbc1e269b5c5046842af9078df3106d7be8a29c1b397740a
1fbcc7f3b789fe32c35941497b721bb531abec0f03d77ccdee56119af3f27bdc
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
22a191737d58e91e6ea2b8bfbdcded9a8c184ea7b438cebb84f65e107bdab663
234cfa760f6ad57ccc57185ac6f5e3d5d88a4a9a4d65730a950a49aa426681e7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b2c3c1bb0b2b4146cb2598cf0dd895e0a498d1dd9c3410182442cb12d40df36
2b682cb846d14bb05298861383969201f50f3334cd261828d904b198b21a81c3
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2d8d735badb9fea9b426906d13d99ea68436a5d0637ec8866b186fa90cdc390a
2dbd4806a2dc04f8a94c943500f6c83e624b0d282fa2541b6e88198e196a5d29
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6593a45a7df5c2ee5ab66ee03a4b13cf1d7cec484bee49e5eb54946eecf063
3009935cba76944c4d42291b3db5c07f521b3b4e80ffac3295ce76fb57d52d91
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e228db7d5dd8261d986df0391178bc231b7a0a501476f121015c68acaec1e1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d
350561b966752ef570c416aa9bd649dcc3c7b903fd5ba20c9375c7a713ef0d25
35a828dd56a2083f21de2853969329e7afdc4fb20c30f1ca102872855d5c29c8
35ab6b849009dca5d51bfcf9c85b80b2de2e00b1ae79158cd2338964540c27f8
35ca42e2853ea433b5c3a2e4d2f159a54d0b3133d0b54d37f40b85e6d4c51aa9
360c36943753e40918a6b878a7c06950ff1aefa4686b196d7815567428f03381
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
395c06dc560b79032e4bde085a826c58db346eb4c623689927435700c4dca6b7
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
39aa18b7963920d95095fbcffa925d39e22e07ed5ff5aaa2ea37e781b7184cb5
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a5685c0215d2136463685835e8fd57440f63cd287632ff31b5679f4faf8aa8e
3b3ecb9e5dbe85c40c435f18a9cc83aca35c252b02f31b12718e8089444d3041
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8
3c4ff6636ff9ebc83840d06ac0544dc0bf708b851050b9b953d47c5bc2016b63
3c78f30eae1c546abce28fb3253e8e32612aa206d67c02049b35506691a77ec7
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed6172c57461534660b5435664ff1a82c954872daf7c3e79edd7ac8d6e78436
3eda6d9d9ce8d34aeae4ef396eee0d3a79569b5527136de05938e3ff2f470093
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a0f6210e62103c05248a08250ac37eabc1754f9026ec92fce09ff32c2b465a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4819718ef6d1231aaca1417bc751013aa7c5a0e0deffb4e5e509a3792aa6295c
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c123f247a9c82b1011bef6f71b9bed6f6be7d41b44a0d60aac5a416583bbba
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
49df687aafbcd68fee44ebf3a5d015dbc1249dc10a6af49e4b014dbf81c69aca
4a24ab6fcbc8130b01a4936c05b73ec540f50eb9115f74168d0b1046c234ab7b
4a80b29c03942c5e6681b13019cc4d4fe2ea05e12038fda0e030b680ddbfdc1a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5254ef619ea505e932d4cd0a9a1e4bb2b9520dfde31099e8427b491b3b9dad87
535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e
5368565b98e1bf1a330da79b5effeb6cefa0d3a87e0b2c4b1386056f4d5d3499
53de2f993f55be083141b010738e076a027291e038ca454d686929063b172cbb
53fb01dd0164dfe68e4a14a16f5b3e4a034238c7429889d16dfb65cdd8fab8b2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bbfc861e7a701243f51f7e35b254b20ec854f162f6f9d37e68a75f90dfcbc8
55e004cc0e3faf943829034280d5c88e393ea5236487f5ed66d68f9d6b1f6f10
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56c670e541dd67c646550b405db58383a296966c35fb1607b6dced9307ce68ad
5834100b74df5b33141bade07e3c6cc1de333768ad6dfe8f11504c01523d7e94
5998fa965b879fadd348d35630c497b56a001b50cb12435b5e750a647092046a
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635b226d9197965cdb66d6b5828b2193b58767e267ede52857e1850e403b03b3
63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482
63f76efdf34dcee17d568b373f3b6616322a133cf8299dec72a3f9e74789e363
64faf061ed09cea996b42e0975d7b0425b77b4b50967b211bd5cf375508df564
6573600e0b8e8846b336b6bdd25cf29487f066ed5960befe0a17e9a1d74e6081
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
661b4395fdf6481afb7d43aab2fb0eb3eee2a2c8efe620a6a8ccccf01bcd90c5
674239b4abc1695b3d4548fb964cb6a15d21930f20ccb11f8f556a80c54633f2
6796916c129546cfb332437c7ecbba347ec10e8e0c086101107c9cc2297c321d
67e5f95bc71c04605497d7ad18d807ce7464dc4ac413a89bf72f9214c1d03ba9
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d
69651768c0ed318d4a7feb3157ba5687433728fff0cb61f4ebd737142bcd8132
696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b47a4a3528c95cf5d039727a5e530e0833151c38254c79c2313be62b3635249
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
6e148dcdadfa629b3a395feb7b0c6bedf3ca86d21502d89e964f2efb9e2b59c3
6f2e467708bf33042629c5ea99418aeb1c3026a41851f320d6dd309c26b667ed
6f51d2ba38480066c4deff4b8d84389d977c9e39d852160a3d8c21f5bf70ef58
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
700cad2b847833193c198f661c44256f81641817c11f5dcea799a561942d7081
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
746ed48aaf4b25b5f584fada770e34353b3ea83d5d0216ddbee09f9806e50918
7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41
751df254c2bb8213b8f7520efebb27ee572adc4f503b26b700f6183d7f78d7d2
75211e639a6f958dbd73ff9d849f26e9dec1f621659360882f76dbb4a50bc503
753df382ba427c4f754970c078708ea6a0f82d711ec5607967cc64a8936b1feb
776a28e191f05a078df0df129f85d0365d274ac128afd1342265570deac8aaf8
7800676e67c9140d4d6bb2ea1258c79741a9289428a8f7cc4ed4ceb1acba5792
787f2f507549db884e2ce59d8f8590f06a4254957067a7c489f717bd4bf0d65b
7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b
79a0cf058d11a697f716f09dd18abfec136ee0186f685d5eba18a749414f2b27
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7b2a992aec259dba4fcb597f99606b4888892893aeacca8d9cab0ca32fe3fde0
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cae54bacd8659b96a6bcd4d2aada5e36ba135a67b375705909b8a4ffeb3a199
7f141ae986e6e70d209c50ad1b22c139cee151a28408ef3d25bb850b8b2eb4f3
7f5feab8115fb17c8945b5b22a6382315c264a9878b2de8d1916013720e496ef
7f68ee2786c79a1fa01d4a0f41300e20597ae64bb3604fa6441b594ab9ad3353
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
868acca2855c9426e8ee404b075c5748bffdf548464fa4229b46eb7ddbe6130c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
87bf38e637a4b0c69d9a299cdadf28ee022b1fa73041d49ef9fc0d0a2e3bec6c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09
8c4b69c824c4178c36992112852830ad02e2a81511f8073d9e1cecc839ffecb8
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd
8e4d51d6651548519f3558d43cef1f72038b61c3677e3b9a91d5e2a0f7d46846
8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2
90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121
923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0
92b90e6df7c880e709cfd70ad4e659609d5a1b898674fb8dd371083f790ba404
93191b26f0c23a09a2fabf5e0d71815caab853f55f7ffd3d9b053d7703fadfec
95988cf2d891f35c99c3424c102fddddcbb01d89fff3536b5bccb24362f3689c
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a
97811d555f03c571b9da18bd06f5695b50546b862c9cb42e32f78a87efcfe363
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991b8b544ad11ad8176e3fc1287058425715839ab4c534e61bdc4cd882ea2fee
993eff878baaac385889e2599c9b0f03e76b966ab37816f7c71bc3a236190fb1
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c05c7371cdf3c451b8a2cdf90e6ac6b8678682606c1edaca2705f926cc9ddd6
9c3414876f3603f781a46bc8642c58b25d5ebd027f56367f0a1487de285c6e63
9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9e06da0bcecb5c3543ff295850c81e14dc9e0b6e28cccf39dae72e88c2ae1a2d
9f48a628f00097f08cc08db80935c0d88a744f32ed5db43c88d27ba81a3e99d8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a040e6489cf903c3b35d42777dfd234ea61eac1ac071202fc7dedc9df8325537
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09ab6de3c891e65cadae6800284453d2202c5d3a131ec3d9f61ebd60bc3a00f
a0bbcc76286aa419b503fd81c79af5446beed1056f5f45cfb45dd16dfcb32ba3
a1187a2df40326dac6994a12cc15f688ad94218b7d971c1722e645ed8bc5bb21
a18821c1ae205190b65c272d41afadfa095148f5459721dd62f833e473f35aa0
a36082e197b71679f6d96df8cb3ee52c9122215b5cc08c0da6b224a905b2806d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ef303cc964ef4a0b1eb5ebc4e20459186cdd1f3f900e0f3d268a9c228ebad9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
ab935e06ab36047954ec11bfc6677db2c06bf64a0b6ab0b0566004e2ef5bcc6e
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac2ee389d90f7f9e10788782bdb2177224a9ce346a07cf061440c697d6d219ca
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae20fea9afd7f058e4fd81b670b671f239049ca20626e7da66fd56c745811aab
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f3f379d724f87e5282f75c162017587c0f0bdd6fe267518119c7bd4a72059d
b4b26624c4f906216099957570ea73fa13eb06f5b6f451256eecf803bb86f1b8
b60ab41fb92e80bb9abd19bead792c4276a9a738adeaa23fafabcc875cf5f5f0
b79ae3695c2658408d8e846750080aed460c56994fe8cbfcfa0bd1b77e249604
ba6196c4a159b1b4c99756302bdf508b864a53e962b4c819fd5a8b2daa5f1149
baa62ae304986bf9bcacbc0a2948975c05850f217240ee26c8f1ff968a69bd42
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8d3afd4013640fe73a5cf109b48bc820826c9a2db91c8f11bd478b36f763e2
bbc4a3f217f0cf6b6d06050d4bc2cdb99bc00b79ddc78a9f46da37f2e437744b
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
c05b6abc4dd93848694fde2d42919715251e9be993e929072131a4a7330ee914
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c327099ec717a76d26d1ecdf7a6361aa1f613c05549127bfc45416166dc514bb
c46acc09443d7466e26efd2eb3993d5198bbee208e3f8f85aafc8ee6266888e8
c5abf2464a853ab4c67c11f6e8d2d0967af237baa734ded483479e05e2fdcbcd
c6129518426ffba9c83bbfc160f87789e1176a1c5a47da3871d2e8c915e91d09
c709e2d463c6d880d28797529cff150f9f30659c9afe93c351273f239da3a00f
c7285cb74996a422f1c9dc95991129881a1ebc7775c5b8d6f046759aab631ae2
c72eb77390102cafa6b53a4069fa35db713083a485b14ae1f9288287aafe4cf7
c7cb5af115c5c13717c8851d2f073bc2265ae6e9203a9436cf079b5f52724e7d
c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21
c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
caf5d51717c7d26c09bd92bea1d285ac2ec534f33ca708e28fdebb51fa895c4a
cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1
cc668b0c8278f81636dbf6a6373653d1f94424533bbebab5c8d652752cd07c1e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdc7862ae6f3ae80124d8c672dc6d7a4d892ba42f7d651dbf0bd74d1d9e353ad
cdff804a874ca5ecf67d2f6c6605826044354c0f24e2e9f20f95c32fe17aa69c
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
ce51cfdb7249f9a7e8c969c6dfe27aa51545fca9a692dca2ab9b36907f402ce5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4ec2276c9bf4e55ecaedece95d49b042ac2fcfc54f0ffbfbe5b731031dc0fb
d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1b3f666dc137b2e28d18ce5dc569c442fd005f030b8ee12134d236d8a51b61f
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d27a8af1af6f6d6e1e029e12eccb095a262be96563c9a42f96622593ee5a1a17
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e
d410ea56a78849fb0fdb4683b9356c0fa89a3ecb392a609e6ce46f2409438298
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d6076f3649035fb86508f0ba58c8a689661edac6fb7ece7ce2cc3395c7b3d492
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d72ee5d0b0a79dee19ae7b15abfdb7c30e17a5f1a1f9d1b4cdfcef70b0b46021
d82f464020e016f40ed44d94fcf41e27fbebb2f30378c91228305f239d794a8f
d97959b503be6478020f470986662db8b786ea2491ec991e652b1f37611fbb39
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde7da8fbaf28eb013abd531ee731dd926cf260ae671432733fee5ad7fb24c01
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9c89e4a4210f4beb39842a94ea4ee924d07d3aba3b64ab41281f21c2d7b691
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e1a424430a8dd1870e12a8fe3e87f034698edbd55d3d78b6080a389ee1e61ba4
e3254293f9829d2f07914f43cca12765b51a8dd31dbcd6a9efe69f8d8cfbd364
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e621342aa9356bb83683d9b9aa28d5ef8b909c1e9336225d066391fedab88b26
e66a14fa0956a877bdd7df2de2e999f15cbbd2533f10ea058bb6adca64ed030c
eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657
ed066772097670e2a506f803ad669d07000d59d64f596416ef5349c09516d170
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
ed53ed7e8cca61c3ec4d4cf06ff4d87a8d6ad73479289a9dae93b16c5add4208
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef940b8a82212c719d5e6773f6300182c562347e486fc6c355476af17fa0087a
f022d004b222efee610e30fd68b5be41fe393cfe9212ad27612762bf08e6938e
f1e3d93c70524fde72b4aa58a5581719ed2953f8fc64ec5a103bea40fc11fee5
f1ffe6c12f94e09630024ae034b328c9f2942b046fdc49d291ae294cbb083de7
f3c4516d212a69c90360b4031245c04dcb86fa592e060fe8a27c57870de50e47
f3d9ef2604c7f5133d7096b134f0c873884577caf93cf6bc16833050afea301d
f3e4c0b6a5e7ceccf3ffa1114a3192a528d1b4033658c0493b9b8beccb581335
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f5d027b6bfb5b21a1c2b1dd0a73dbeb1298bd6130bf4f9c9001ba79e2555fb28
f6b2106e1aeb9eb001b22d996135eacf9b6e9d630e0dc80eeb456bcbe0eebe60
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe3f7794bc945b1a644b921564ace0be833c472cd156fc98ecae3ab3e3732620
fed4a76c58f91d89cb593d6ccd9e79e8669b6d02365bd3fbecaec79412d2210b

www.sanook.com Open in urlscan Pro 203.151.128.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

694 Requests

86 %HTTPS

0 %IPv6

107 Domains

173 Subdomains

107 IPs

18 Countries

8641 kBTransfer

27064 kBSize

181 Cookies

33 Outgoing links

Page URL History

Redirected requests

694 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sanook.com Open in urlscan Pro
203.151.128.172 Public Scan

Screenshot
Live screenshot

Full Image

694
Requests

86 %
HTTPS

0 %
IPv6

107
Domains

173
Subdomains

107
IPs

18
Countries

8641 kB
Transfer

27064 kB
Size

181
Cookies

694 HTTP transactions
7 data transactions