www.sanook.com Open in urlscan Pro
61.91.93.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gg.gg/139z1t
Effective URL:
https://www.sanook.com/horoscope/73929/
Submission: On February 19 via manual (February 19th 2023, 6:30:34 pm UTC) from PL — Scanned from SG

Summary HTTP 699 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 126 IPs in 16 countries across 113 domains to perform 699 HTTP transactions. The main IP is 61.91.93.41, located in Nonthaburi, Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 74747.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 7th 2022. Valid for: a year.

This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.215.42.31 91.215.42.31	57724 (DDOS-GUARD) (DDOS-GUARD)
3	61.91.93.41 61.91.93.41	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
117	43.132.81.184 43.132.81.184	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
7	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	43.132.80.30 43.132.80.30	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
2	2404:6800:400... 2404:6800:4003:c0f::61	15169 (GOOGLE) (GOOGLE)
2	203.154.58.214 203.154.58.214	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
3	61.91.94.165 61.91.94.165	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
6	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	13.33.88.81 13.33.88.81	16509 (AMAZON-02) (AMAZON-02)
15	104.65.228.208 104.65.228.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1	203.151.130.24 203.151.130.24	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
1	2a03:2880:f00... 2a03:2880:f00c:20d:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
23	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	203.151.130.72 203.151.130.72	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
2 5	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4003:c00::66	15169 (GOOGLE) (GOOGLE)
1	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
1 40	2404:6800:400... 2404:6800:4003:c03::9a	15169 (GOOGLE) (GOOGLE)
3	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	104.70.97.166 104.70.97.166	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 12	2404:6800:400... 2404:6800:4003:c11::63	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c11::71	15169 (GOOGLE) (GOOGLE)
48	2404:6800:400... 2404:6800:4003:c06::9a	15169 (GOOGLE) (GOOGLE)
2 48	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
3	119.81.192.134 119.81.192.134	36351 (SOFTLAYER) (SOFTLAYER)
8	2406:2600:7:1... 2406:2600:7:100::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	103.231.98.193 103.231.98.193	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	13.250.173.68 13.250.173.68	16509 (AMAZON-02) (AMAZON-02)
13	2404:6800:400... 2404:6800:4003:c03::64	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20c... 2600:9000:20c7:2a00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1 17	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 9	104.254.148.252 104.254.148.252	29990 (ASN-APPNEX) (ASN-APPNEX)
2	77.245.57.78 77.245.57.78	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2	119.81.192.141 119.81.192.141	36351 (SOFTLAYER) (SOFTLAYER)
3	104.83.197.63 104.83.197.63	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.198.29.55 34.198.29.55	14618 (AMAZON-AES) (AMAZON-AES)
2	2404:6800:400... 2404:6800:4003:c11::9c	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4003:c04::9d	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:c11::84	15169 (GOOGLE) (GOOGLE)
4	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
12 13	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	13.33.88.20 13.33.88.20	16509 (AMAZON-02) (AMAZON-02)
14 34	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
3	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
1 8	67.199.150.81 67.199.150.81	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 6	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 7	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
2 11	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2406:da18:22e... 2406:da18:22e:4f04:558a:3fb0:baff:a5ce	16509 (AMAZON-02) (AMAZON-02)
4 4	64.74.236.127 64.74.236.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	23.73.13.201 23.73.13.201	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	13.215.77.187 13.215.77.187	16509 (AMAZON-02) (AMAZON-02)
2 5	2406:da18:929... 2406:da18:929:5a00:7360:21f2:1e24:ce6	16509 (AMAZON-02) (AMAZON-02)
3 4	185.84.60.21 185.84.60.21	198622 (ADFORM) (ADFORM)
5 5	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
25	103.231.98.194 103.231.98.194	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 10	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	18.138.18.111 18.138.18.111	16509 (AMAZON-02) (AMAZON-02)
3 4	2620:116:800e... 2620:116:800e:21:36b5:1576:d999:6e52	16509 (AMAZON-02) (AMAZON-02)
3 3	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 2	54.152.101.92 54.152.101.92	14618 (AMAZON-AES) (AMAZON-AES)
3 5	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
1 1	139.162.58.205 139.162.58.205	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	119.9.108.191 119.9.108.191	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
3 3	34.83.125.63 34.83.125.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
5	67.199.150.85 67.199.150.85	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12 12	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	13.114.251.65 13.114.251.65	16509 (AMAZON-02) (AMAZON-02)
4 4	2a02:fa8:c411... 2a02:fa8:c411:13::1400	399104 (CNVR-APAC) (CNVR-APAC)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	104.254.150.241 104.254.150.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	18.139.23.58 18.139.23.58	16509 (AMAZON-02) (AMAZON-02)
2 3	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4003:c01::84	15169 (GOOGLE) (GOOGLE)
1	43.132.80.28 43.132.80.28	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
3 3	2600:1f18:612... 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394	14618 (AMAZON-AES) (AMAZON-AES)
1	122.248.197.40 122.248.197.40	16509 (AMAZON-02) (AMAZON-02)
1 2	35.160.42.230 35.160.42.230	16509 (AMAZON-02) (AMAZON-02)
1 1	23.108.103.8 23.108.103.8	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
9	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
2 11	184.31.5.52 184.31.5.52	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.65.228.195 104.65.228.195	16625 (AKAMAI-AS) (AKAMAI-AS)
9 12	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2	117.18.232.64 117.18.232.64	15133 (EDGECAST) (EDGECAST)
1 1	13.250.189.113 13.250.189.113	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.177.11.95 18.177.11.95	16509 (AMAZON-02) (AMAZON-02)
2	13.115.197.76 13.115.197.76	16509 (AMAZON-02) (AMAZON-02)
2 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 3	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2404:6800:400... 2404:6800:4003:c05::95	15169 (GOOGLE) (GOOGLE)
1	2406:2600:4::13 2406:2600:4::13	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	13.227.255.65 13.227.255.65	16509 (AMAZON-02) (AMAZON-02)
1	133.186.161.89 133.186.161.89	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1 1	54.178.154.165 54.178.154.165	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
9 12	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	18.136.246.100 18.136.246.100	16509 (AMAZON-02) (AMAZON-02)
7	103.231.98.201 103.231.98.201	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	54.193.114.85 54.193.114.85	16509 (AMAZON-02) (AMAZON-02)
2	23.106.127.52 23.106.127.52	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 2	209.191.163.210 209.191.163.210	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	18.141.80.142 18.141.80.142	16509 (AMAZON-02) (AMAZON-02)
1 1	220.150.223.52 220.150.223.52	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
2 2	18.192.149.135 18.192.149.135	16509 (AMAZON-02) (AMAZON-02)
1 2	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
1	52.43.45.49 52.43.45.49	16509 (AMAZON-02) (AMAZON-02)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
18	3.0.71.181 3.0.71.181	16509 (AMAZON-02) (AMAZON-02)
1	104.69.96.220 104.69.96.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	52.220.69.171 52.220.69.171	16509 (AMAZON-02) (AMAZON-02)
2	104.83.196.48 104.83.196.48	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.250.155.12 54.250.155.12	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	107.21.165.221 107.21.165.221	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.230.50 141.226.230.50	200478 (TABOOLA-AS) (TABOOLA-AS)
1	52.18.67.241 52.18.67.241	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	2602:803:c006... 2602:803:c006:158::67	26667 (RUBICONPR...) (RUBICONPROJECT)
2	103.231.98.191 103.231.98.191	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	72.247.81.120 72.247.81.120	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	103.231.98.211 103.231.98.211	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
4 4	145.40.73.5 145.40.73.5	54825 (PACKET) (PACKET)
1	3.1.14.27 3.1.14.27	16509 (AMAZON-02) (AMAZON-02)
1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.106.127.48 23.106.127.48	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	209.58.171.197 209.58.171.197	() ()
3	2606:4700:20:... 2606:4700:20::681a:567	() ()
4 5	209.58.168.56 209.58.168.56	() ()
699	126

1 91.215.42.31 (Russian Federation) 1 redirects

ASN57724 (DDOS-GUARD, RU)

gg.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 61.91.93.41 (Nonthaburi, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-41.static.asianet.co.th

www.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graph.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

117 43.132.81.184 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 43.132.80.30 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

p3.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c0f::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 61.91.94.165 (Nonthaburi, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-165.static.asianet.co.th

sal.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.88.81 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-81.sin2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.65.228.208 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.130.24 (Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 24.130.151.203.sta.inet.co.th

appx.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f00c:20d:face:b00c:0:2 (Singapore)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprsgmp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.130.72 (Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 72.130.151.203.sta.inet.co.th

sloth-api.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2406:2600:7:100::9 (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::66 (Singapore)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2404:6800:4003:c03::9a (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.70.97.166 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-97-166.deploy.static.akamaitechnologies.com

avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c11::63 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c11::71 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2404:6800:4003:c06::9a (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 141.226.229.48 (Singapore) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.81.192.134 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2406:2600:7:100::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.250.173.68 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c03::64 (Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20c7:2a00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c006:158::65 (Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

tencentth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
taboola-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.254.148.252 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

rtb-eu.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.81.192.141 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 8d.c0.5177.ip4.static.sl-reverse.com

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.83.197.63 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.29.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-29-55.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c11::9c (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c04::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c11::84 (Singapore)

ASN15169 (GOOGLE, US)

980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
088c9d8089bfb08149a26301c057cbad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b529ab4d658c81408dbb508f94e32303.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e5c89f2232552ea4822b61e4e2449130.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2fe8f18f6d8c0438d666e4c74eb2c13f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
91bfa6d7aec15f88fefe77f96395c2d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:df2:a300:bbbb::135 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 3.33.220.150 (United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.215.49 (Japan) 2 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.20 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 74.125.24.156 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.199.150.81 (Singapore) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.24.185 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.46.143.56 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 139.5.84.243 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:22e:4f04:558a:3fb0:baff:a5ce (Singapore)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.74.236.127 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.13.201 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.215.77.187 (Singapore) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-77-187.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2406:da18:929:5a00:7360:21f2:1e24:ce6 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.21 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.229.206.240 (Singapore) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
displayf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
statsf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.18.111 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com

cm.ambientdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800e:21:36b5:1576:d999:6e52 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.146 (Singapore) 3 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.152.101.92 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-101-92.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 220.150.223.50 (Japan) 3 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.58.205 (Singapore) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1471-205.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.9.108.191 (Hong Kong) 2 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.83.125.63 (The Dalles, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.162.2 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.199.150.85 (Singapore)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.213.12.39 (Tokyo, Japan) 12 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.114.251.65 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-251-65.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:c411:13::1400 (Amsterdam, Netherlands) 4 redirects

ASN399104 (CNVR-APAC, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inmobi-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.150.241 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.139.23.58 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-23-58.ap-southeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.223.115 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4003:c01::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.132.80.28 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

img-as.fsanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.248.197.40 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-122-248-197-40.ap-southeast-1.compute.amazonaws.com

rtb-lb-event-adcloud-prod-ap-southeast-1-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.160.42.230 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-42-230.us-west-2.compute.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.103.8 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 184.31.5.52 (Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.65.228.195 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-195.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.173.158.64 (Singapore) 9 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 117.18.232.64 (Australia)

ASN15133 (EDGECAST, US)

playtime.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.189.113 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-189-113.ap-southeast-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.11.95 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com

bk.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.115.197.76 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-197-76.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.38.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::95 (Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.255.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-255-65.sin52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.89 (Japan)

ASN45974 (NHN-AS-KR NHN, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.178.154.165 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-154-165.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.208.249.213 (Council Bluffs, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.19.138.117 (France) 9 redirects

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.246.100 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-246-100.ap-southeast-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.231.98.201 (Japan)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.193.114.85 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-114-85.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.52 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.210 (United States) 1 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.80.142 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.150.223.52 (Japan) 1 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 52.223.150.220.in-addr.arpa

sync-tapi.admatrix.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.149.135 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-149-135.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.2.229 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.45.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-45-49.us-west-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 3.0.71.181 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com

s.acexedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.96.220 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-96-220.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.220.69.171 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-69-171.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.83.196.48 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-48.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.250.155.12 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-155-12.ap-northeast-1.compute.amazonaws.com

google.dap.fw-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.165.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-165-221.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.67.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-67-241.eu-west-1.compute.amazonaws.com

global.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c006:158::67 (Singapore)

ASN26667 (RUBICONPROJECT, US)

beacon-sin1.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.98.191 (Japan)

ASN62713 (AS-PUBMATIC, US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.81.120 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-120.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.98.211 (Japan)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.40.73.5 (Queenstown Estate, Singapore) 4 redirects

ASN54825 (PACKET, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.14.27 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.48 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.171.197 (None, ) 1 redirects

ASN- ()

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:567 (None, )

ASN- ()

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.58.168.56 (None, ) 4 redirects

ASN- ()

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
125	isanook.com s.isanook.com — Cisco Umbrella Rank: 38629 p3.isanook.com — Cisco Umbrella Rank: 133486 sal.isanook.com — Cisco Umbrella Rank: 122443	4 MB
87	doubleclick.net 15 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	1 MB
74	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 900 trc.taboola.com — Cisco Umbrella Rank: 644 trc-events.taboola.com — Cisco Umbrella Rank: 1739 vidstat.taboola.com — Cisco Umbrella Rank: 2678 sg-trc-events.taboola.com — Cisco Umbrella Rank: 35134 imprsgmp.taboola.com — Cisco Umbrella Rank: 47406 sg-match.taboola.com — Cisco Umbrella Rank: 45886 sg-wf.taboola.com — Cisco Umbrella Rank: 46426 sync-t1.taboola.com — Cisco Umbrella Rank: 1276 vidstatb.taboola.com — Cisco Umbrella Rank: 4572 sync.taboola.com — Cisco Umbrella Rank: 946 match.taboola.com — Cisco Umbrella Rank: 5245 pips.taboola.com — Cisco Umbrella Rank: 1555 cds.taboola.com — Cisco Umbrella Rank: 1624 sg-vid-events.taboola.com	603 KB
71	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 463 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 441 image6.pubmatic.com — Cisco Umbrella Rank: 731 simage2.pubmatic.com — Cisco Umbrella Rank: 657 image2.pubmatic.com — Cisco Umbrella Rank: 882 image4.pubmatic.com — Cisco Umbrella Rank: 925 t.pubmatic.com — Cisco Umbrella Rank: 3574 simage4.pubmatic.com — Cisco Umbrella Rank: 1166 sshowads.pubmatic.com — Cisco Umbrella Rank: 18463 st.pubmatic.com — Cisco Umbrella Rank: 1039	438 KB
60	googlesyndication.com 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 088c9d8089bfb08149a26301c057cbad.safeframe.googlesyndication.com b529ab4d658c81408dbb508f94e32303.safeframe.googlesyndication.com e5c89f2232552ea4822b61e4e2449130.safeframe.googlesyndication.com 2fe8f18f6d8c0438d666e4c74eb2c13f.safeframe.googlesyndication.com 91bfa6d7aec15f88fefe77f96395c2d3.safeframe.googlesyndication.com	317 KB
33	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 315 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1912 adservice.google.com — Cisco Umbrella Rank: 72	59 KB
28	rubiconproject.com 11 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 447 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 848 eus.rubiconproject.com — Cisco Umbrella Rank: 528 pixel.rubiconproject.com — Cisco Umbrella Rank: 316 token.rubiconproject.com — Cisco Umbrella Rank: 542 ads.rubiconproject.com — Cisco Umbrella Rank: 2381 smarttag.rubiconproject.com — Cisco Umbrella Rank: 14334 beacon-sin1.rubiconproject.com — Cisco Umbrella Rank: 16063	62 KB
22	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2771 bidder.criteo.com — Cisco Umbrella Rank: 725 dis.criteo.com — Cisco Umbrella Rank: 683 rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 19492 ads.as.criteo.com — Cisco Umbrella Rank: 15000 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 15458	33 KB
20	openx.net 3 redirects tencentth-d.openx.net — Cisco Umbrella Rank: 173553 jp-u.openx.net — Cisco Umbrella Rank: 11310 us-u.openx.net — Cisco Umbrella Rank: 420 rtb.openx.net — Cisco Umbrella Rank: 1408 u.openx.net — Cisco Umbrella Rank: 627 taboola-d.openx.net — Cisco Umbrella Rank: 7606	4 KB
19	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 474 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 533	13 KB
18	acexedge.com s.acexedge.com — Cisco Umbrella Rank: 6587	60 KB
14	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 385 acdn.adnxs.com — Cisco Umbrella Rank: 535	46 KB
13	id5-sync.com 9 redirects id5-sync.com — Cisco Umbrella Rank: 396 cdn.id5-sync.com — Cisco Umbrella Rank: 927	34 KB
13	amazon-adsystem.com 6 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 274 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 936 c.amazon-adsystem.com — Cisco Umbrella Rank: 285	65 KB
13	adsrvr.org 12 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	7 KB
12	bidswitch.net 12 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	6 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	551 KB
11	everesttech.net 5 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 586 displayf-tm.everesttech.net — Cisco Umbrella Rank: 4847 rtb-lb-event-adcloud-prod-ap-southeast-1-tm.everesttech.net — Cisco Umbrella Rank: 74760 statsf-tm.everesttech.net — Cisco Umbrella Rank: 4092 rtd-tm.everesttech.net — Cisco Umbrella Rank: 2627	7 KB
11	yahoo.com 4 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1057 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422 ups.analytics.yahoo.com — Cisco Umbrella Rank: 273	5 KB
11	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12969 adservice.google.com.sg — Cisco Umbrella Rank: 25282	2 KB
9	criteo.net static.criteo.net — Cisco Umbrella Rank: 630 csm.as.criteo.net — Cisco Umbrella Rank: 15232	205 KB
6	aralego.com 5 redirects ads.aralego.com sync.aralego.com	2 KB
6	w55c.net 6 redirects pm.w55c.net — Cisco Umbrella Rank: 714 i.w55c.net — Cisco Umbrella Rank: 1953	4 KB
5	ad-m.asia 3 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2584	2 KB
5	mathtag.com 5 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	3 KB
5	innity.com avd.innity.com — Cisco Umbrella Rank: 32373 as.innity.com — Cisco Umbrella Rank: 30389	5 KB
5	sanook.com www.sanook.com — Cisco Umbrella Rank: 74747 appx.sanook.com — Cisco Umbrella Rank: 188920 sloth-api.sanook.com — Cisco Umbrella Rank: 179550 graph.sanook.com — Cisco Umbrella Rank: 145138	65 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1800	2 KB
4	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 788 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578 prg8.smartadserver.com — Cisco Umbrella Rank: 17430	1 KB
4	crwdcntrl.net 1 redirects id.crwdcntrl.net — Cisco Umbrella Rank: 1440 sync.crwdcntrl.net — Cisco Umbrella Rank: 751	2 KB
4	dotomi.com 4 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2949 inmobi-match.dotomi.com — Cisco Umbrella Rank: 10896	1 KB
4	quantserve.com 3 redirects cms.quantserve.com — Cisco Umbrella Rank: 643 pixel.quantserve.com — Cisco Umbrella Rank: 674	2 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 590	2 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 520	3 KB
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605 cdn.indexww.com — Cisco Umbrella Rank: 1384	3 KB
4	facebook.com graph.facebook.com — Cisco Umbrella Rank: 129 www.facebook.com — Cisco Umbrella Rank: 106	15 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	224 KB
3	aralego.net cdn.aralego.net	7 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 426	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 518	2 KB
3	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 805 cdn.flashtalking.com — Cisco Umbrella Rank: 1017	108 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 3718	988 B
3	tremorhub.com 3 redirects taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3343	2 KB
3	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 847	651 B
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 726	2 KB
3	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1151	2 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 340 api.rlcdn.com Failed	895 B
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 423 ajax.googleapis.com — Cisco Umbrella Rank: 298	375 KB
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 758	1 KB
3	teads.tv a.teads.tv — Cisco Umbrella Rank: 1330	1 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1441 mab.chartbeat.com — Cisco Umbrella Rank: 2212	25 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	innity.net avd.innity.net — Cisco Umbrella Rank: 44931	13 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 147	3 KB
2	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5184	672 B
2	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 9576	66 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1014	802 B
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 671	452 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 337	739 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 878	1 KB
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 993	1 KB
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 883	1 KB
2	mediago.io 2 redirects trace.mediago.io — Cisco Umbrella Rank: 1147	888 B
2	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 20263	440 B
2	tubemogul.com playtime.tubemogul.com — Cisco Umbrella Rank: 5289	11 KB
2	adrta.com 1 redirects adrta.com — Cisco Umbrella Rank: 1622 ipds.adrta.com — Cisco Umbrella Rank: 3304	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 199	2 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4749	1 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 715	880 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 645	888 B
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 27019	1 KB
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 971	2 KB
2	andbeyond.media rtb-eu.andbeyond.media — Cisco Umbrella Rank: 129660	532 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 796	136 KB
2	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3372	33 KB
2	truehits.in.th lvs2.truehits.in.th — Cisco Umbrella Rank: 104022	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	146 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 222	555 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	9 KB
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 22943	4 KB
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5503	277 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 816	44 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1288	230 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 918	527 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2578	639 B
1	netacuity.com global.cloud.netacuity.com — Cisco Umbrella Rank: 23603	710 B
1	fw-ad.jp 1 redirects google.dap.fw-ad.jp — Cisco Umbrella Rank: 75090	561 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1735	468 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 759	386 B
1	admatrix.jp 1 redirects sync-tapi.admatrix.jp — Cisco Umbrella Rank: 88041	529 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 543	878 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1022	540 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 5420	454 B
1	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 57658	161 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	30 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 270	17 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 359	515 B
1	r-ad.ne.jp 1 redirects bk.r-ad.ne.jp — Cisco Umbrella Rank: 32815	549 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1952	173 B
1	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2209	583 B
1	fsanook.com img-as.fsanook.com — Cisco Umbrella Rank: 195946	163 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3755	466 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4306	391 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 1930	395 B
1	ambientdsp.com 1 redirects cm.ambientdsp.com — Cisco Umbrella Rank: 25064	653 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 489	755 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1521	181 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1204
1	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 17752	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 905	45 KB
1	gg.gg 1 redirects gg.gg — Cisco Umbrella Rank: 412994	1 KB
0	nex8.net Failed cs.nex8.net Failed
699	113

	Domain	Requested by
117	s.isanook.com	www.sanook.com s.isanook.com securepubads.g.doubleclick.net
48	securepubads.g.doubleclick.net	www.googletagservices.com www.sanook.com securepubads.g.doubleclick.net cdn.aralego.net
34	cm.g.doubleclick.net	14 redirects jp-u.openx.net eus.rubiconproject.com 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com www.sanook.com
28	sg-trc-events.taboola.com	www.sanook.com
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com www.googletagservices.com www.sanook.com tpc.googlesyndication.com
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com tpc.googlesyndication.com www.sanook.com
19	simage2.pubmatic.com	ads.pubmatic.com www.sanook.com
18	s.acexedge.com	playtime.tubemogul.com s.acexedge.com
15	ads.pubmatic.com	s.isanook.com ads.pubmatic.com www.sanook.com securepubads.g.doubleclick.net smarttag.rubiconproject.com sshowads.pubmatic.com
13	match.adsrvr.org	12 redirects www.sanook.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.sanook.com
12	id5-sync.com	9 redirects www.sanook.com
12	x.bidswitch.net	12 redirects
12	www.googletagservices.com	s.isanook.com securepubads.g.doubleclick.net 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
12	www.google.com	1 redirects www.sanook.com securepubads.g.doubleclick.net 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com tpc.googlesyndication.com
11	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
9	ib.adnxs.com	3 redirects www.sanook.com acdn.adnxs.com
9	cdn.taboola.com	s.isanook.com cdn.taboola.com www.sanook.com
8	eus.rubiconproject.com	imprsgmp.taboola.com ads.pubmatic.com eus.rubiconproject.com sg-match.taboola.com www.sanook.com
8	image6.pubmatic.com	1 redirects ads.pubmatic.com
8	bidder.criteo.com	www.sanook.com static.criteo.net
8	trc.taboola.com	www.sanook.com imprsgmp.taboola.com sg-match.taboola.com eus.rubiconproject.com
7	t.pubmatic.com	www.sanook.com
7	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com
7	sync-t1.taboola.com	imprsgmp.taboola.com sg-match.taboola.com www.sanook.com
7	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com eus.rubiconproject.com
7	adservice.google.com	securepubads.g.doubleclick.net
7	adservice.google.com.sg	securepubads.g.doubleclick.net
7	hbopenbid.pubmatic.com	www.sanook.com
7	static.criteo.net	www.sanook.com ads.as.criteo.com
6	sync.taboola.com	2 redirects sg-match.taboola.com www.sanook.com
6	image2.pubmatic.com	ads.pubmatic.com www.sanook.com
6	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	jp-u.openx.net	ads.pubmatic.com jp-u.openx.net 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
5	sync.aralego.com	4 redirects www.sanook.com
5	token.rubiconproject.com	5 redirects
5	sync-dsp.ad-m.asia	3 redirects ads.pubmatic.com jp-u.openx.net
5	sync.mathtag.com	5 redirects
5	pr-bh.ybp.yahoo.com	2 redirects ssum-sec.casalemedia.com www.sanook.com jp-u.openx.net
5	pm.w55c.net	5 redirects
5	us-u.openx.net	jp-u.openx.net
5	gum.criteo.com	2 redirects static.criteo.net cdn.taboola.com
5	p3.isanook.com	www.sanook.com s.isanook.com p3.isanook.com
4	simage4.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	b1sync.zemanta.com	4 redirects
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	c2shb.ssp.yahoo.com	www.sanook.com
4	www.google.com.sg	www.sanook.com
4	connect.facebook.net	www.sanook.com connect.facebook.net s.isanook.com
3	cdn.aralego.net	ads.aralego.com
3	pixel.tapad.com	2 redirects www.sanook.com
3	sync.1rx.io	3 redirects
3	sync.crwdcntrl.net	1 redirects 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com www.sanook.com
3	rtd-tm.everesttech.net	2 redirects 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
3	an.yandex.ru	2 redirects www.sanook.com
3	c.amazon-adsystem.com	www.sanook.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	rtb.openx.net	2 redirects jp-u.openx.net
3	statsf-tm.everesttech.net	980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
3	taboola-supply-partners.tremorhub.com	3 redirects
3	sg-wf.taboola.com	www.sanook.com
3	csync.loopme.me	2 redirects www.sanook.com
3	secure.adnxs.com	3 redirects
3	um.simpli.fi	3 redirects
3	uipglob.semasio.net	2 redirects www.sanook.com
3	idsync.rlcdn.com	2 redirects www.sanook.com
3	dis.criteo.com	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	ad.turn.com	3 redirects
3	980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	a.teads.tv	www.sanook.com
3	fastlane.rubiconproject.com	www.sanook.com
3	avd.innity.com	avd.innity.net www.sanook.com
3	www.google-analytics.com	www.googletagmanager.com www.sanook.com www.google-analytics.com
3	avd.innity.net	p3.isanook.com avd.innity.net www.sanook.com
3	mug.criteo.com	www.sanook.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com pagead2.googlesyndication.com
3	www.facebook.com	www.sanook.com connect.facebook.net
3	sb.scorecardresearch.com	1 redirects p3.isanook.com www.sanook.com
3	sal.isanook.com	www.sanook.com
2	taboola-d.openx.net	www.sanook.com
2	prg8.smartadserver.com	ced.sascdn.com
2	s.tribalfusion.com	ads.pubmatic.com
2	a.tribalfusion.com	2 redirects
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	st.pubmatic.com	sshowads.pubmatic.com
2	ced.sascdn.com	sshowads.pubmatic.com
2	sshowads.pubmatic.com	ads.pubmatic.com
2	lb.eu-1-id5-sync.com	www.sanook.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	www.sanook.com
2	cdn.flashtalking.com	servedby.flashtalking.com blank
2	pixel.quantserve.com	1 redirects 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
2	eb2.3lift.com	1 redirects www.sanook.com
2	u.openx.net	1 redirects www.sanook.com
2	rtb.mfadsrvr.com	2 redirects
2	ps.eyeota.net	2 redirects
2	inmobi-match.dotomi.com	2 redirects
2	ce.lijit.com	1 redirects www.sanook.com
2	csm.as.criteo.net	ads.as.criteo.com
2	trace.mediago.io	2 redirects
2	dps.jp.cinarra.com	jp-u.openx.net ads.pubmatic.com
2	playtime.tubemogul.com	displayf-tm.everesttech.net playtime.tubemogul.com
2	acdn.adnxs.com	ads.pubmatic.com
2	secure-assets.rubiconproject.com	2 redirects
2	graph.sanook.com	s.isanook.com
2	sg-match.taboola.com	vidstat.taboola.com
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	pubmatic-match.dotomi.com	2 redirects
2	pool.admedo.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pippio.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	cms.quantserve.com	2 redirects
2	cdn.indexww.com	ssum-sec.casalemedia.com
2	imasdk.googleapis.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	cr-p3.ladsp.com	2 redirects
2	tg.socdm.com	2 redirects
2	js-sec.indexww.com	ads.pubmatic.com
2	as.innity.com	www.sanook.com
2	rtb-eu.andbeyond.media	www.sanook.com
2	tencentth-d.openx.net	www.sanook.com
2	htlb.casalemedia.com	www.sanook.com
2	static.chartbeat.com	www.sanook.com www.googletagmanager.com
2	static.xx.fbcdn.net	www.facebook.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.sanook.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	lvs2.truehits.in.th	www.sanook.com
2	www.googletagmanager.com	www.sanook.com www.googleoptimize.com
1	91bfa6d7aec15f88fefe77f96395c2d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ads.aralego.com	1 redirects
1	sg-vid-events.taboola.com	vidstat.taboola.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.sanook.com
1	p.adlooxtracking.com	www.sanook.com
1	core.iprom.net	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	cm-supply-web.gammaplatform.com	1 redirects
1	beacon-sin1.rubiconproject.com	www.sanook.com
1	2fe8f18f6d8c0438d666e4c74eb2c13f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	global.cloud.netacuity.com	www.sanook.com
1	ads.rubiconproject.com	www.sanook.com
1	cds.taboola.com	www.sanook.com
1	cdn.id5-sync.com	www.sanook.com
1	e5c89f2232552ea4822b61e4e2449130.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pips.taboola.com	www.sanook.com
1	google.dap.fw-ad.jp	1 redirects
1	b529ab4d658c81408dbb508f94e32303.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	servedby.flashtalking.com	www.sanook.com
1	t.adx.opera.com	www.sanook.com
1	visitor.omnitagjs.com	www.sanook.com
1	match.taboola.com	www.sanook.com
1	sync-tapi.admatrix.jp	1 redirects
1	rtb-csync.smartadserver.com	www.sanook.com
1	bh.contextweb.com	www.sanook.com
1	ssbsync.smartadserver.com	www.sanook.com
1	jadserve.postrelease.com	www.sanook.com
1	id.crwdcntrl.net	www.sanook.com
1	cc.adingo.jp	1 redirects
1	app.cauly.co.kr	980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
1	code.jquery.com	www.sanook.com
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	ads.as.criteo.com	980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
1	rtb.jp2.as.criteo.com	www.sanook.com
1	s0.2mdn.net	imasdk.googleapis.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	vidstatb.taboola.com	www.sanook.com
1	bk.r-ad.ne.jp	1 redirects
1	tr.blismedia.com	jp-u.openx.net
1	i.w55c.net	1 redirects
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	088c9d8089bfb08149a26301c057cbad.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	inv-nets.admixer.net	1 redirects
1	ipds.adrta.com	980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
1	adrta.com	1 redirects
1	rtb-lb-event-adcloud-prod-ap-southeast-1-tm.everesttech.net	980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
1	displayf-tm.everesttech.net	980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
1	img-as.fsanook.com	securepubads.g.doubleclick.net
1	imprsgmp.taboola.com	vidstat.taboola.com
1	ads.playground.xyz	1 redirects
1	image4.pubmatic.com	www.sanook.com
1	tags.rd.linksynergy.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	cm.ambientdsp.com	1 redirects
1	stags.bluekai.com	1 redirects
1	d.adroll.com	ssum-sec.casalemedia.com
1	mab.chartbeat.com	www.sanook.com
1	ping.chartbeat.net	www.sanook.com
1	analytics.google.com	www.googletagmanager.com
1	trc-events.taboola.com	www.sanook.com
1	cdn.izooto.com	s.isanook.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	sloth-api.sanook.com	www.sanook.com
1	graph.facebook.com	s.isanook.com
1	appx.sanook.com	s.isanook.com
1	www.sanook.com
1	gg.gg	1 redirects
0	api.rlcdn.com Failed	www.sanook.com
0	cs.nex8.net Failed	jp-u.openx.net
699	203

This site contains links to these domains. Also see Links.

Domain
truehits.net
news.sanook.com
www.joox.com
wetv.vip
www.wecomics.in.th
www.facebook.com
sso.member.sanook.com
muan.sanook.com
www.sanook77.co
comics.sanook.com
tv.sanook.com
learning.sanook.com
guru.sanook.com
www.tencent.co.th
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
line.me
webboard.horoscope.sanook.com
season.sanook.com
social-plugins.line.me
horoscope.sanook.com
thefamilybreeze.com
popup.taboola.com
storytohear.com
kingdomofmen.com
www.zaobao.com.sg
trc.taboola.com
985d23.pqhpsmjvtvzt.com
redirectsystems.com
www.mastermysan.com
kneepaintreatment-sg.space
womensmethod.com
trueedition.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.sanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-07` - `2023-07-08`	a year	crt.sh
*.isanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-04` - `2023-10-19`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.innity.net DigiCert SHA2 Secure Server CA	`2022-03-19` - `2023-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-12-09`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2023-02-14` - `2024-03-17`	a year	crt.sh
teads.tv R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M02	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
sync-dsp.ad-m.asia GlobalSign GCC R3 DV TLS CA 2020	`2022-07-21` - `2023-08-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.fsanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
*.tmogul.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-10` - `2023-07-11`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.tubemogul.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-20` - `2023-06-20`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-14` - `2023-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-24` - `2023-03-26`	3 months	crt.sh
*.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-20` - `2023-03-18`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2022-02-24` - `2023-03-06`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.as.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-19` - `2023-04-16`	3 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-10` - `2023-12-28`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-05-08`	a year	crt.sh
*.omnitagjs.com Amazon RSA 2048 M02	`2023-02-09` - `2023-06-15`	4 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-18`	a year	crt.sh
acexedge.com R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-11-12`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-20` - `2023-05-20`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.cloud.netacuity.com Amazon RSA 2048 M01	`2023-02-10` - `2023-04-25`	2 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 97 frames:

Primary Page: https://www.sanook.com/horoscope/73929/
Frame ID: 798DFD7B5E6DAFBF6F7E5DDAFDB3E7B3
Requests: 309 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 50E01CDC11C81DE3AA2CB67D71D4BA1E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 0ABAA050B7B47BEDAFDF46CD6B503F48
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 9CD41667ECDA348F2A851D4F428E2358
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df240edf36ea1cf8%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1a586d0fa522c4%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookhoroscope%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Frame ID: 299D244450F87003830DB4AF0A61769B
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BAA76F7EA3FEB0EE36FC6E7FD4775466
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 097551DA814D5F369B45AFC917759C74
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 77E79F9B5C6F4CA8F61B99030D409AB8
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 2665B2A0301AF5978009AE2F79F574A1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: 609397E9FDD5316738AE5F02BB5E7229
Requests: 3 HTTP requests in this frame

Frame: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 142611455A372FB134B6B50FD00B4538
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B7EA08B09CCC7C3079DBECDFA9C1532F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DB3EA9559A7E98CB942EAF2945DADB64
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjnNB-aDIw_Z84s1NqM3GuRdZ1WK7YwSze6RYbP7SlTwIEpFsY8T5hU8Yx09mDVsV-NnsPraxMmpi-O1iJ1RmBKPam7GbJ8408DfZCa2-tKGuky7pMrqplrlfucQ_Q8fdZETExaIcNUMwi_Bn2qmTJt4IT-AiYmorFVKUXktjuSv1VrxxtSjnRLtw0WeGp2MvVFZvQdwHcaLzHZIAL6sA6d12hdA0_T0aSjSfOruhvkZ5zXZbTzGIgCimQihfMbSv_glyrh-nvKwu9dQ8_c7N57KNEt1PXFhwKLUpyDLvkhNsH4ol63h8oZFSgEUqoVq_mgZdwrH4BCQAMl3C8rLcuMJj3y1gU3RVnFEXTnDfIsi6JY_0nNo1lHz8wLA&sai=AMfl-YTg3xOuLiVftZqDx-mf25u7gFzopt9jgYfT_ix-tOw9fiY87NuxEFQCR65YbbbCJaoMOLuReF6OJzb_nf7Ii3UQ5TPcD7ySxYK9xGfytyhYSw0yrcq0EQzDQS_dsX4&sig=Cg0ArKJSzNg5i8fQ0zorEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D660D76A1A164E93620EF2009A39DD0A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJWgbeBXyKcZykhtw2Nbywg9iQNVn-1YTedFDm3JksZyU8hG1XkkV6aSAcBT76bI4nc39q2Xh0VM8JTtH4VjMShum97NzQTqBBJrKzReIBV9H1Z87uu0pJGHjymn7uqpnY-ceGYzUQHMH-zJoy3cU-V8jEGHPgRRwrc4u8fw_RZXTK2FpS9RT9rFz06v-gms59SwOVkMLybvSsQlfwEM2G-fCvNkBh5C1R02DZej7-N0_m821dBHc6Dmjuf0XHEgjqRSQC_bu-PksqJ4ysokteOgNl7GhUoX6tZgZyB2Xi3fAcF3giT8Qo6WXm7ir3mPmzRVhfGzZRQWBRKFz-xo416uiYt4tfHkDiO_m-X61lFzHZ2EA&sai=AMfl-YQVlEStWPPwj6b22-dc78871YeX-zsqIpe6Di6kUdf4gzuhLUf2z1-aVqNWZyUIp5RFl4NaIsndbkUTrBJnIy9vQwRhIz1q1xoRR1yyDiXr5pUHw8sGkGdV0z1McQ&sig=Cg0ArKJSzMOuOWUHtdJIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B6EF7B7D65B38546CF9A371D45D457CF
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A07388ECC1A92B7DC83359832CDA5FC0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4993A15890FCAA4768869BB524D96125
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=
Frame ID: CAA9FC26C93D1AE1AEF9CA45D9727191
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:028d63f2-6abd-4300-8a87-36805cc62154&gdpr=0&gdpr_consent=
Frame ID: A0125EF968AF1F97F54FF2FE055FE250
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-JqvQAGoQzDdQBh&gdpr=1&gdpr_consent=&_test=Y-JqvQAGoQzDdQBh
Frame ID: 67335D7130EEC25550588F197CA179AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z0mrtbvuj81
Frame ID: 55A2F3E2EE1E7F3B6EF169D61B0CE78D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5043346485621275506&gdpr=0&gdpr_consent=
Frame ID: 9F182880DBBE46A0F3232D756C5F73BE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF
Frame ID: 47E1FE776EC022D1BA965C055116A851
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1ADC45D7664D4DC9645EA72B594F9C94
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GRlqTZV3QLxvc_FbQVJP0mf-mdI&gdpr=0&gdpr_consent=
Frame ID: FEFE859B9EAB3BD07E2FB91FD5C6C296
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 51A9A78C4EB00779F901758C0DF8424C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KmfVv85WA2yHneP0vWryYw
Frame ID: E27E54E0CD4C2C4AF45FAB39B644EA58
Requests: 1 HTTP requests in this frame

Frame: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 40E8C7F88A28092BD21E0F84C32B873A
Requests: 12 HTTP requests in this frame

Frame: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&cmcv=&pix=undefined&cb=1676831421391&uv=3255&tms=1676831421391&abt=ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a6043947-43c5-4b7f-a933-fb2122c7611e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F152B0D9ECC0C98C3ADC965B1D81687D
Requests: 3 HTTP requests in this frame

Frame: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7FEEE838C40F5556A60D48BDE5523C6F
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQv2lrP1mUKIn2wPbdmYQIebbscKOl0_RxXzkjbuZvUh93wL_uZQqSdkqJ3GtqLa6dFqJvBaDMOLEr288lkyoAL-aYZFfNYGyuFNN_FmNnP9hMkmFd6G4tH-UWOics1F_Ia3-YlyqFeA6l5Mt0ZskEKSOEcl5YIU2O7KQACcbWYHKpZzxeoiYIzbDQ4JIrrh4kIavghDQ54P5jplGFQaroyEhsUn0WxHOv3tSntT78oPpltuJUI4H7minAw6RorhGt8QDFXCuxG5UCebrq8-ODi65TiHy0EifEnWzsOq8pDyjudI97_Z6J0-OYkG1oMSgDjkVqPgRuvC4TGWdKSwPd0sbHtVfSIdqZCVMDYVkckwzDSA&sai=AMfl-YRuYVoLQnFrgSjh5bvgt1vkP9otOXYXk8myiKn62S7Y9971GFibCoyiDro4631HDdplaMRqh-PusFLULwIngZ1AwVBVrRtD0F_bVpxVD6LaDoI8Ic7tTI4CUL2_r3k&sig=Cg0ArKJSzEq0rIhes0RMEAE&uach_m=[UACH]&adurl=
Frame ID: FEF78575A765566976F967076A3D9570
Requests: 9 HTTP requests in this frame

Frame: https://088c9d8089bfb08149a26301c057cbad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 368610C3FC7E1833B65EDF202400FCA9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: F003D2F6CB0D54DE3648D91E44498902
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0B3FE3DB54AF83B7B22BDAD74BD29879
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 324E9479C18B498727B82E60EBAC5145
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 57308454D30E7B754C6C6A0551F97C5A
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoM0kBOc0H0pRLiWnbbQ4pTZ0wIaVDpoHMW3p07UYfTBJe6cdWGJJYs3yGN6ydheMgGLQuRIrPjzUoY7Rp9INrKzcKZNPJSzuWJ5soyKSqmZfXzfrPr6eN5a7IioQUJRGu4X2VHYb-quU8fdYecQ9tU9kuSKJFMdYuTcS0B85dwHYobwTNhYC0z81KU9W9IjxGJ57jSxjkVPk0x40exSgfGob37oCWY5ZsorVNfc7mjeQswYXr5OLt2arci0GJSkrjMN0qZgO1jDbENzGGOHZmqi8lvUJwl9AvFbXijdRBuKjairi_jCUTqn_otWyFxApC_CIl490&sai=AMfl-YRXYHAHe1oPvlu3PMP3e7XQKjdq45IfqJ4kS8tI0gR5-38O7YBsSg8zqGhpfs2zmBeJSnuOKKayX9C6vl71OL2dmkF7gSDFXd6GP5-IgeAhfEd0hv6ieyaZw57yJmI&sig=Cg0ArKJSzCroV4h1GkRwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0D88DB699C1E93C018918554EEA0893F
Requests: 5 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Frame ID: 62CCBB858782F6079A7AF8893AEC0DE8
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVhGBPa_YB_ccqJbDEjBwh1M2WwX7HkIAnu8Ylc5Dz_nGYtxolEjN0WXfWeY-b9Adm0VXz1Pchiet-VjWNIyGsI9Wh8_IwijU_nSvVhHroz6AUPAmwhxMRxJr0D26k2Iz8FPqAkfCYPRLOprhk5UVhtyjwI6N1SK3HxBQwpR5V62VuBFTJtl303QJr6hBesmRpfyXEISu1wSNuCd4jqZRFuFsbzg8hasgZlkBJFqH0gXzZQuC4LcAJecHOXugiBxcvaDS-0HwmgiApR2f3WCA2ITDxZ6IIoDMcp55jUN5o6m0SHsUJUlMpA7ac_7sz1Lpk2BlbYNkuCMe0_VtsINqcWfFS8Mu3Bk16OyjPhvCOFOOs6B7-&sai=AMfl-YQzw6UZMDUxBw6ZmSMhgDsrCGhc9cQsJXZ7W_ztmqUzQLJkFcWXE5h3HycrSt8LnSwKqZ1kr4t_J-iEBcYj6SENreCmi42H2eJbJ4CMtsbeiq3fT5LG6v8BrdM9WMw&sig=Cg0ArKJSzFeI4A6kHfsYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5782911CA2DC0D0E4B90B3386C41B1EE
Requests: 13 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1
Frame ID: DF77F2BAEB819242921F36CB9B1DE125
Requests: 28 HTTP requests in this frame

Frame: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 72872A78821405A5A23942E929E575E4
Requests: 3 HTTP requests in this frame

Frame: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73CAD7DC1A993EA7BDF5BDFD70E5A034
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 99038C9ABAF4D6B9622471936378E52D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34C3AB329C0484CBB004F6FE35FC53BE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoJKoCb0wDZqe_93Aqzt2Lm16f1VDhyNW_GsaeY1XW82Z6hF4KjTdlgMJzR7tDODE9gC5S7cgSuR_uC3C-i6uF66_Q516NpLbQqrTAq4Mnm4VdKKQhFNEC8A9p5hKSUlhGVJxAZ3Ob0E4Kapk0CfUUTlT4W9pqRfe97AxdVmm0mTZPKtdeVlKQFdcFDAgGcBWe5SOAVGXs4iSiODJsSWb0I_zOW5bVv-kP1TdDoRJrBIgNPvhPubN5VwerBrBXEgEbxtYQfcyFoaahfsCg2wdY3zaoD9ZYN0R5m7PiKVoroWN263da1rW8E0ynN3QgTNs1IbHYrjWgi7BDc5-xTuhdAsAYuMhw790P-_1o600&sai=AMfl-YTPtfNwHOTc6dtFfDvXdi9M_lMIIoAp0fHmBk79rJq6MJkwHuTYgbHUSyaWpXqXcmoVn7UHaYAiNwAhnHK9g3J8u9cXwyhfkrqEsnFtnx-HPm1WZ7g_LzGBMC-Xcr0&sig=Cg0ArKJSzMDgubv-31DJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 019F565D6B372D43293F8BC4B8D04808
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: DCF9A980C0097442DE1348AC45F16DAF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.556.1_en.html
Frame ID: 208356713FB36BF6339ACC1B3D6DDD44
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_JqvQAJhq0JnUGXAAJ98SBQFgJrsNxLmIvNjg&u=%7CVsO%2Ft9BgOqjUwQKhzQtqTR49YbkJ7rt84p0OVHezfsg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORav6XsKrfZypYKuspo5MklQJGJaQ5D3HuutBNk8kyd6S3Mda_41sNkH0TkLrN0YzQ86-SZNzXUXEMg3aREKNw_z_XgGm8q5vSpAJ2NqYIydHv8KGkiX_gy3l8FyoR5fKTib0VVn4JIhf3MwTkHK_GIQjoXlnRo8nMwjGJM2lIQHUSoHQJBLMx4v2936XWo5cm_1TDswhZLVNzXvL6I0Ur5d5T2wvx9-U7n9OM4qG701J4EOn7AvApRZ3oY4l6MNZTl4z8-n851CaedUH3n1Cgt9SF-QC2YlR2hD_6IBo7hiTbWnjwhjBBm-NBwSaxpFqmLe8ubZrcRjo6zorH8ncV58Q2agTHZhmifN5clVye9pQ9ioFEDjo2Aq8O67MmfF-MSWv4Btt8_R5fb-ZTd4oEHvz-kBiom9oFlEqDK8WrYCY2tPabEgAVpkhbh1bKMvd0oJNs1uMCUwhMCFPUxwpZfxGtgWr2qg56nWgC0sxRSm5U38VxPrqnuw1inak1LTlo42J6xkEppMYMP1Q2vItC_Wc-ah3HEO8wz1vpsjbApktePgUJu6ExxSf3CbzFH5Kf9s1qM1I1G-wN-tDZkmXLP9nRT0Ahnqspo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnlefvWryY62NJpeD9fwP8fuJ2Aa91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCeACAKgDAaoEjgJP0EesDVjZo95eoSs03ZumXOxMZNPRLl-nCVXz7_B23C-IuO136qY58OXTv85xYJ0I6T30TnlCOHDHMXWkYpjfINwb3Ciw_tqBQfwwcxYueO_tsy7IQxhQJaINDinEBc50som5M0TRmW1YudBCZrKP5AsL82M_USP983ubm6TwXf0TU0JqbgBiA2-VRDt0x-S-j6PRnu36oD8nZwZ-Nu5hA6hhYSbBqtl4ed4tIv9o-4hiryGXjr88XjUsbWdr6cO3FInOgpoUsQKtvHLOon24ZRccxAFsqHE0z3AaT2gu7txEwR5YkLS_Nh9FrpxsZreP85oXVc3ODrXfucpw8tnx1gbEXyYujJIr9HsVaKPgBAGABqrO7rWinp-JNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ppPFNVKp8nDu71YfJBRSH_VwnbA%26client%3Dca-pub-6167238712729032%26adurl%3D
Frame ID: 7833C3171D4FE13BB5A8318044FA2C3C
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F9BE7872487DB7FA6BA3F1689016969
Requests: 9 HTTP requests in this frame

Frame: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Frame ID: 462E04AA8E974B4A2628DD55E45F755F
Requests: 22 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/8/177020;7173220;201;js;AdobeAdCloud;UOBPTCTCEITAllcards01Feb2023300x250jpg/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20230219133021%3Ad%26s_kwcid%3DAC!UxLyjyYnV5nvCPPmqrnW!ffrGpMNo1Yg58HHCJ0wl&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&cachebuster=179385.6088078454
Frame ID: 7256F79A0288BB9E0A3B569B0B8D7939
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C174B1015358000F42BC98F8B477BC20
Requests: 9 HTTP requests in this frame

Frame: https://b529ab4d658c81408dbb508f94e32303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E6A1AE06A02DB72E63F3A410E216C027
Requests: 1 HTTP requests in this frame

Frame: https://e5c89f2232552ea4822b61e4e2449130.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FB37DF91B6F85256ACE7A4A08E3D51F0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7ZfnrAu09peFMX-pSZbFrvF9fWYBQsn7zbn-J2I2lwh5wEzAFjpaK_jM1hR0CDVXlq42VKFQvXt5geKik9YnaayXq_hfRZ6sZVeGcH7pIx4p-c3Uw6rLW_KTo2YOmTkpGotMaceUVw6fFgSBRrf9Bi56eeDjKUyGceDJcyOsOJZXMFrwO1XU4jhcqKtBqWpArEOqT01EhbEg5UWCDKSM_u3g32bj4YZvBuzm9TUB7tzEwwuZOEgYOXCWiu2pRwHRKij4HOLE1gBDYpao3RwE3XPcsIsGBKBywnrnheigHbnLhxRfo6kX5YY1aIiI0WJuOsne4Uw7VygCES-A_VAqTb5qbgfUMXhmYe6-wthzxLSBzIIP4Jjl68HAyN-h&sai=AMfl-YQ8zaykWbjZBMmlZRKI_b0xbE5nHi-qDU1C6mPYlWlSpqJIkCiOKL2xp83cW9DHiRviP4zM1JOOsRpI-KooDYEXQcOd1Paotkh8DfCVs5tMj_OdZb4ZlQvLPIcnFLw&sig=Cg0ArKJSzHySqKAUDeMNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AE8B9B150BBC68896C24D877534274C0
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EDFEEAF2962F0357B9E2DFFA32DD6A2B
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjTiPwg2OQ9uWArEO5c5yWHvxRR36djpi5hurrj37a-VvP1qfEjMYz01p97YpbLnnMWn92iBmPoRybOIOaHuu3wH2iJPVtIDYg3YjxqrchT1fB6uATm5hc2kPsCG6a7qwB2Lu3f6N1587ccU0Ada0DsxWblJvndcT0VT_QnphBUvJYKc--i4Arc9hJjRT-GM9xEvtEB6bWOgJShmAWYbbgrA7tvjx9nhn9h8yVp996lkBnGIgXjccXISmWXd4k8v8blEiUWB0J1cHv3xHi2kgHLoSHmBRSO9ZNKjQSkH4z8-Y-GoLPZlSru6M2eERHnWjNHnIDZazy1ZV78HrLZ1LPIeos_4Sx2gr3rWpAWXE3ZYugbJGfQuBrfRMADb2K&sai=AMfl-YSW9xn050PfB5afX-_oIu4A0Vb427ajA0xz22NFBYeHn4pCSV937VKweTQIICLlNXvGTkPeUSlO941uTVqcM6-wp-dhRteXceghPXaF5kSlRsf7UpF5-jQAgP4csto&sig=Cg0ArKJSzIX3eW5bO1z9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F4C971E9CC614D471FE99B61C0B56586
Requests: 4 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/24634.js
Frame ID: 46B039749B16E2B0D0FB878A00373313
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AEEDA9DEF5367C62743EFA851CCC8746
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F8939A333463B7E4397BA9043D9ACA4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6E52FCE1F0A3916E95610D3AE6CB4EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46BCBED9BF11DDAE5346E9E1EFF69969
Requests: 2 HTTP requests in this frame

Frame: blob://https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/d8cb04c5-382a-43b9-8e8d-c415bc431b37
Frame ID: A6047A225FA1AF020D7761B029D89B97
Requests: 1 HTTP requests in this frame

Frame: https://2fe8f18f6d8c0438d666e4c74eb2c13f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: B9B191AE9F84062A3DB4D640BA4020AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49BF94769A8F1821F0700C80CBEE7170
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD8F096FEC71405108E634D743C087F5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
Frame ID: FD802A57611BFDC93498CF1C4C81A7AB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOLjs0h8M51mXNSj5hyeqzz8lhwarbZScvs3SulckT1ll4oDODPqS_SrYAFFrTslgJEaTzhCOJ5BhQ63oAJUSeI0ywFQL1WNRqxTaAhZS5TtTPZ-QMzaUCWvu0x0p3irNbT1yMtMRoSU8hUwcSdnkrX3hXLhUvWl_fnd324af6x3IPM25KX9bzwNar2jw0WGPJ1aheSYYQDru1qnb5xRTzMyto7YqNvsIBFxg65CD83FAG49ZcGb9E5sdC64ryxzkZ3dGDPrS0QwLPUv266OrwdcvRpFofE3wb7Kvd1tfK2eY49mTlX1IKRIHwVHZ1_bm9BODBOD5vG8Wi0IbGwjywuwG3o8PlQSNUzC89sUnrVmzWdHwoQ_2G0fT57NHSl49WnBXdnHP4zge-pYhVpD-C&sai=AMfl-YTrBx4i_pWzDY69r1FnZcF3mlQjC3BM616SV43n5Srh2IvGUSvXU7E7JTqNNjTbUvfBHUvzDSMccymwEKbW8B5W11IF5v-DPtxEkIl0QFt9PRgXWxUm0sT2XJXJwOE&sig=Cg0ArKJSzKanJCTzKGcsEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6FD4FA90FC73E22EF8255A781CD25B0D
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 95508EE8780097F6836EA25892617CB0
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 16EEA4D24663BB86E2B37E92B51BD255
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 07CCFFDF3AE8118126DC02D75CABFEA8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E39FF3FE5837004A409A9795D8FC257B
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161944&siteId=1035980&adId=4883487&imprId=8B52384C-A9F8-42AA-BF00-162A44162FF0&cksum=3758F99FCD9D4C36&adType=3&adServerId=165&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=0&kltstamp=1676831424&indirectAdId=2812952&adServerOptimizerId=1&ranreq=0.5080850017706195&kpbmtpfact=0.000000&dcId=4&tldId=0&passback=3&svr=ADS55007U&adsver=_2509817075&adsabzcid=0&cls=ADS&i0=0x2100000000000000&ekefact=wGryYxRHAQDJRhywhlSV7UYxINB3zNvqSzAP0CJJZmuiuq4f&ekaxefact=wGryYy5HAQAbaGDpRPahiqASOZLKCsjEg8G6z9wG3OYr-eIQ&ekpbmtpfact=wGryY0VHAQCTndhQjT2txaBDPOpj2KAegohlXTefNgYJykrI&enpp=wGryY1tHAQA2Rhxpyf9nNLbC50RMXqzBNCltEd-eXW3Zv-Z9&pfi=1&domId=17501659103364714379&dc=sg3&crID=0&campaignId=0&isRTB=0&ver=7&dateHr=2023021918&oid=8B52384C-A9F8-42AA-BF00-162A44162FF0&cntryId=199&domain=sanook.com&sec=1&pAuSt=2&wops=0&sURL=sanook.com&BrID=5
Frame ID: 06F3C1B29F24539180B98E0BEEEECE37
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B82390C72F32F8E836D578F8264478F9
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161944&siteId=1035978&adId=4883621&imprId=1554816C-2BA5-475A-A24B-2CFD2C2A7BB5&cksum=14016EAF20FCE419&adType=3&adServerId=1219&kefact=0.050000&kaxefact=0.050000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1676831424&indirectAdId=2812963&adServerOptimizerId=1&ranreq=0.15783607696239232&kpbmtpfact=0.000000&dcId=4&tldId=0&passback=3&svr=ADS55006U&adsver=_2509817075&adsabzcid=0&cls=ADS&i0=0x2100000000000000&ekefact=wGryY0hOAQAPpdfbhcCQUaWsGxONdS_GolrPTDQ_aflcPcoo&ekaxefact=wGryY2NOAQAmmZPgEe7mfgf3-QVZr3wSbrFg4q2VCLONQt1k&ekpbmtpfact=wGryY3pOAQDdVKFFDoT8cmGechT6m4g2yTNEeI1URWVJ8DVx&enpp=wGryY5BOAQCEuthmG7htZr9COndLBzbgK0EAbLy6KiFdYRrU&pfi=1&domId=17501659103364714379&dc=sg3&crID=0&campaignId=0&isRTB=0&ver=7&dateHr=2023021918&oid=1554816C-2BA5-475A-A24B-2CFD2C2A7BB5&cntryId=199&domain=sanook.com&sec=1&pAuSt=2&wops=0&sURL=sanook.com&BrID=5
Frame ID: 3F42C049BF412C9D3B6B4D3771EDFFD9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4811979774968293107BF641DA016194
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=au&co=sg
Frame ID: 5ADDE61D9E329F4481624754E4F72986
Requests: 2 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=85D19C09-7095-475E-95C8-9F29F99AFE82
Frame ID: 00CB804F7CE7034DC9C0529C8887CEB0
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 36F539C5B9A721884DE55FBB48F49938
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=43281262af9e4dacbcc0d6cd1dfc3741
Frame ID: A60BA28E8DFC52EDBA8ACB741959D40F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BkkwXAyr1PtOs55&gdpr=0&gdpr_consent=
Frame ID: F68B9B19DF985BA82AB50AFC460E62E6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1dc34205bjy0
Frame ID: 40731D0E0CBFD50F4A906DC45BF158F3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004
Frame ID: DD3106B8DE7FD8355B8FBAE346E6403D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9DCED531DEA609E8476058BD1A89DC18
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 5D144BCCAD958AF6ADDB93499791F4EA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 3C266E3FBBB7936482716745DDB3F8F0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D632BBB916F01D91488B244B356F1C52
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A40473512EB6D22D9676A27ACA568E48
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=
Frame ID: D12779B3B1C1A4C57E8F2A72231DA4BF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F1BDDA343384FE7871AAFF450DE6FD6C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=
Frame ID: CB82C5E9CBC23A8551E425B96ED0CCAD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5295E6ECA551A77AED9F60DB17CA3CC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A066E7AED2DB1CDE5E05D178C9DF592
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E800EDECEC836E275B622F40BF0FA822
Requests: 9 HTTP requests in this frame

Frame: https://91bfa6d7aec15f88fefe77f96395c2d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F8B73C9D8079FF21D1995D5A8BF31391
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93DFF724AD35882537243244A6143178
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 378F0C2D57AEA3944AD1FBEDFF9ADA43
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ดอกไม้ประจำ 12 ราศี ความหมายของดอกไม้มงคลในประเทศไทย

Page URL History Show full URLs

http://gg.gg/139z1t HTTP 301
https://www.sanook.com/horoscope/73929/ Page URL

Detected technologies

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

699
Requests

86 %
HTTPS

26 %
IPv6

113
Domains

203
Subdomains

126
IPs

16
Countries

9037 kB
Transfer

24313 kB
Size

198
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://truehits.net/stat.php?login=sanook

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto
Title: ตรวจหวย

Search URL Search Domain Scan URL

URL: https://www.joox.com/th
Title: ฟังเพลง

Search URL Search Domain Scan URL

URL: https://wetv.vip/th?language=th
Title: ดูหนัง

Search URL Search Domain Scan URL

URL: https://www.wecomics.in.th/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PUBGMOBILE.TH.OFFICIAL
Title: เล่นเกมส์

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/login.php?psnid=000001-000016-000016-000001&autologin=1&option=&surl=https://www.sanook.com/horoscope/73929/&registerUrl=http%3A%2F%2Fsso.member.sanook.com%2Fregister%2Fmini.php
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/signup.php?psnid=000001-000016-000016-000001&surl=https://www.sanook.com/horoscope/73929/&autologin=1&eventID=&option=&mail=
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://muan.sanook.com/
Title: ข่าวลาว

Search URL Search Domain Scan URL

URL: https://www.sanook77.co/
Title: ข่าว 77 จังหวัด

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/
Title: หวยไทย

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/lotto-stats/
Title: สถิติหวยไทย

Search URL Search Domain Scan URL

URL: https://comics.sanook.com/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://tv.sanook.com/
Title: ดูทีวี

Search URL Search Domain Scan URL

URL: https://learning.sanook.com/
Title: เรียนออนไลน์

Search URL Search Domain Scan URL

URL: https://guru.sanook.com/
Title: กูรู-รอบรู้

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/th/jobs/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanookeveryday

Search URL Search Domain Scan URL

URL: https://twitter.com/sanook

Search URL Search Domain Scan URL

URL: https://instagram.com/sanook.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SanookTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1013623?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A1013623%2Cidx%3A2-1-2%2CtarId%3A1465882069006%2Ctas%3ASanook

Search URL Search Domain Scan URL

URL: https://line.me/ti/p/@sanook.com

Search URL Search Domain Scan URL

URL: https://webboard.horoscope.sanook.com/forum/?board=268
Title: เว็บบอร์ด

Search URL Search Domain Scan URL

URL: https://season.sanook.com/valentine/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&via=sanook

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F

Search URL Search Domain Scan URL

URL: http://horoscope.sanook.com/60457/
Title: 20 ไม้มงคลเสริมดวงปลูกไว้ชีวิตราบรื่น

Search URL Search Domain Scan URL

URL: http://guru.sanook.com/26893/
Title: ดอกไม้ประจำชาติอาเซียน 10 ประเทศ

Search URL Search Domain Scan URL

URL: https://thefamilybreeze.com/categories/cn/incredibly-rich-families/?utm_source=taboola&utm_term=sanook_1011713&utm_content=2969753675&utm_medium=1011713&utm_campaign=RichFamilies-SGM-DTM-TFB-TB#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDalEkoi7L7pNPa29gP
Title: The Family Breeze

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=sanook&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://storytohear.com/cn/deadliest-foods-on-the-table/?utm_source=taboola&utm_term=sanook_1011713&utm_content=2969754167&utm_medium=1011713&utm_campaign=DeadlyFoods-SGM-DTM-STH-TB#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDs8kwo5pzFvsXtj8y_AQ
Title: Story To Hear

Search URL Search Domain Scan URL

URL: https://kingdomofmen.com/categories/cn/happiest-countries-in-the-world/?utm_source=taboola&utm_term=sanook_1011713&utm_content=2981539912&utm_medium=1011713&utm_campaign=HappyCountries-SGM-DTM-KOM-TB#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDNlEkowdeak8bor-1-
Title: Kingdom Of Men

Search URL Search Domain Scan URL

URL: https://www.zaobao.com.sg/news/singapore/story20230214-1363163?utm_source=Taboola&utm_medium=CPC&utm_campaign=zb-budget23&utm_term=sanook&tblci=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIo9YKLquXN6Nsq#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIo9YKLquXN6Nsq
Title: 联合早报

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=sanook&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/sanook/log/3/click?pi=%2Fhoroscope%2F73929&ri=2a61b91278f0dae9be2cb56e5d4ca7c3&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&it=text&ii=~~V1~~-2354564269356714709~~Hu2JAyHrIyjb4W6HRZOpZPN-H6ErZFxWEQ94kAzMyhz6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xInF3mJimnqivsqV4QrUkQU5ft4yh0FygMKRotbI67HWannWy7aFReO2UiYjzhQHHh-nE7rjPm5NYKUr5EmG2rQWfe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=0c85ec88166525f8cc009114e27880aecfc4050f23fb&redir=https%3A%2F%2Fwww.zaobao.com.sg%2Fnews%2Fsingapore%2Fstory20230214-1363163%3Futm_source%3DTaboola%26utm_medium%3DCPC%26utm_campaign%3Dzb-budget23%26utm_term%3Dsanook%26tblci%3DGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIo9YKLquXN6Nsq%23tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIo9YKLquXN6Nsq&vi=1676831420204&p=sph-zaobao-sc&r=65&lti=display-desktop1_var&ppb=CD4&cpb=ElUyMDIzMDIxMy0xOV9iNy1QUi01MzQ0Ny1ERVYtMTE5MjM3LWRpc3BsYXktdG8tbmF0aXZlLWZlZWQtZGVza3RvcC1yb2xsb3V0LWUzZTg2NmU4Yjc1GLsHIJz__________wEqGXNnLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCHRyYzMwMTI3OICy-r8GQLeIDUjimhBQ14jXA1j___________8BYwjXFhDUHxgjZGMItj0QnlEYJGRjCNIDEOAGGAhkYwjcFRD7JRgJZGMIoz0QiVEYCmRjCKQnEIo1GC9kYwjQNxCKShgwZGMIzv__________ARDO__________8BGDJkYwjt__________8BEO3__________wEYE2RjCJYUEJ0cGBhkYwj2OhCWThg5ZGMI6yQQrTIYHWRjCPQUEJ4dGB9keAGAAQKIAeyZnegBkAEcmAG_3sPX5jA&cta=true
Title: 阅读更多

Search URL Search Domain Scan URL

URL: https://985d23.pqhpsmjvtvzt.com/?subid3=201284_Taboola_Tonic_AptDubaiTaniaMandarin_All_UAE&subid1=sanook&subid2=taboola&subid4=3569109312&adtitle=%E8%BF%AA%E6%8B%9C%E7%9A%84%E5%85%AC%E5%AF%93%E4%BB%B7%E6%A0%BC%E5%8F%AF%E8%83%BD%E4%BC%9A%E8%AE%A9%E4%BD%A0%E5%A4%A7%E5%90%83%E4%B8%80%E6%83%8A&network=taboola&site=sanook&click_id=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC56lgoof-J2fyV-L3QAQ&dpco=1&tblci=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC56lgoof-J2fyV-L3QAQ#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC56lgoof-J2fyV-L3QAQ
Title: 迪拜别墅|赞助商链接

Search URL Search Domain Scan URL

URL: https://redirectsystems.com/?mk=ISdHwQX0TD&ci=22449648&ad_id=3591764809&ad_title=Singapore%3A%E8%BF%AA%E6%8B%9C%E5%88%AB%E5%A2%85%E7%9A%84%E4%BB%B7%E6%A0%BC%E5%8F%AF%E8%83%BD%E6%AF%94%E4%BD%A0%E6%83%B3%E8%B1%A1%E7%9A%84%E8%A6%81%E4%BE%BF%E5%AE%9C&cust_id=1011713&cust=sanook&de=Desktop&timestamp=2023-02-19+18%3A30%3A20&source=2&ct=Dubai+Villas&mp=Open&ln=EN&pxtb[id]=1488259&pxtb[ec]=click_event&pxtb[cid]=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSCD61oohvb0h_HqwtTbAQ#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSCD61oohvb0h_HqwtTbAQ
Title: 迪拜豪华别墅

Search URL Search Domain Scan URL

URL: https://www.mastermysan.com/checkouts/8000-25pages-old-usd/?utm_source=taboola&utm_campaign=taboola06&utm_medium=taboola06&utm_content=taboola06&tblci=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDRhFoom6mbp9SA4cH3AQ#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDRhFoom6mbp9SA4cH3AQ
Title: 玄燊命理

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=sanook&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/sanook/log/3/click?pi=%2Fhoroscope%2F73929&ri=c4c1479334f8539dc1b897f684441e27&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&it=text&ii=~~V1~~-2951206546250672718~~8sZN5_Bj7WhTrp-VKcqXu1zc3Lk2odWGFo8fg2iQUwr6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xInY4s2yFhRUguAhcKgmJq8izr39SWvGJFTpVw4cXPrUTvznhRHHGzObV3Dh1szYaUgGFWH8N8EpbgyiFl26QjIvXc39rwuDoOs-06hoO8VfBvohrRRL2n_Mr0aylFgMUlw&pt=text&li=rbox-t2v&sig=a59513408b2c19ff735d7d371e7e6ec22559a9bb73b4&redir=https%3A%2F%2Fwww.mastermysan.com%2Fcheckouts%2F8000-25pages-old-usd%2F%3Futm_source%3Dtaboola%26utm_campaign%3Dtaboola06%26utm_medium%3Dtaboola06%26utm_content%3Dtaboola06%26tblci%3DGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDRhFoom6mbp9SA4cH3AQ%23tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDRhFoom6mbp9SA4cH3AQ&vi=1676831420204&p=mingsan-sc&r=51&lti=display-desktop1_var&ppb=CK4B&cpb=ElUyMDIzMDIxMy0xOV9iNy1QUi01MzQ0Ny1ERVYtMTE5MjM3LWRpc3BsYXktdG8tbmF0aXZlLWZlZWQtZGVza3RvcC1yb2xsb3V0LWUzZTg2NmU4Yjc1GLsHIJz__________wEqGXNnLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCHRyYzMwMTI3OICy-r8GQLeIDUjimhBQ14jXA1j___________8BYwjXFhDUHxgjZGMItj0QnlEYJGRjCNIDEOAGGAhkYwjcFRD7JRgJZGMIoz0QiVEYCmRjCKQnEIo1GC9kYwjQNxCKShgwZGMIzv__________ARDO__________8BGDJkYwjt__________8BEO3__________wEYE2RjCJYUEJ0cGBhkYwj2OhCWThg5ZGMI6yQQrTIYHWRjCPQUEJ4dGB9keAGAAQKIAeyZnegBkAEcmAG_3sPX5jA&cta=true
Title: 阅读更多

Search URL Search Domain Scan URL

URL: https://kneepaintreatment-sg.space/?network=taboola&site=1011713_sanook&adtitle=%E8%BF%99%E4%BA%9B%E8%A1%8C%E4%B9%8B%E6%9C%89%E6%95%88%E7%9A%84%E5%AE%B6%E5%BA%AD%E7%96%97%E6%B3%95%E5%8F%AF%E8%83%BD%E4%BC%9A%E5%B8%AE%E5%8A%A9%E6%82%A8%E5%AF%B9%E6%8A%97%E8%86%9D%E5%85%B3%E8%8A%82%E7%96%BC%E7%97%9B%EF%BC%88%E5%9C%A8%E6%AD%A4%E5%A4%84%E6%90%9C%E7%B4%A2%EF%BC%89&sub1=23563145&sub2=sanook&sub3=2023-02-19+18%3A30%3A20&pxtb[id]=1160933&pxtb[ec]=click_event&pxtb[cid]=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSCv-1sonLSlj4iqqbCzAQ&kw1=Robotic%20Knee%20Replacement%20Surgery%20In%20Singapore&kw2=Knee%20Pain%20Doctor%20In%20Singapore&kw3=Knee%20Pain%20Treatment%20Without%20Surgery%20In%20Singapore&kw4=Knee%20Pain%20Treatment%20In%20Singapore#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSCv-1sonLSlj4iqqbCzAQ
Title: 膝关节疼痛的家庭疗法

Search URL Search Domain Scan URL

URL: https://www.zaobao.com.sg/realtime/singapore/story20230214-1363080?utm_source=Taboola&utm_medium=CPC&utm_campaign=zb-budget23&utm_term=sanook&tblci=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIogPuG0I_ripfkAQ#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIogPuG0I_ripfkAQ
Title: 联合早报

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/sanook/log/3/click?pi=%2Fhoroscope%2F73929&ri=c4c1479334f8539dc1b897f684441e27&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&it=text&ii=~~V1~~-5057559706364447565~~ci07zv3clwGAW6eU9tlfdvN-H6ErZFxWEQ94kAzMyhz6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xInZx1_xFXqPLMRX-nk51L0Wft4yh0FygMKRotbI67HWannWy7aFReO2UiYjzhQHHh-nE7rjPm5NYKUr5EmG2rQWfe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=2a9499e04ebc9e23f60f60872fd2406bf525c6417b8a&redir=https%3A%2F%2Fwww.zaobao.com.sg%2Frealtime%2Fsingapore%2Fstory20230214-1363080%3Futm_source%3DTaboola%26utm_medium%3DCPC%26utm_campaign%3Dzb-budget23%26utm_term%3Dsanook%26tblci%3DGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIogPuG0I_ripfkAQ%23tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIogPuG0I_ripfkAQ&vi=1676831420204&p=sph-zaobao-sc&r=2&lti=display-desktop1_var&ppb=CK4B&cpb=ElUyMDIzMDIxMy0xOV9iNy1QUi01MzQ0Ny1ERVYtMTE5MjM3LWRpc3BsYXktdG8tbmF0aXZlLWZlZWQtZGVza3RvcC1yb2xsb3V0LWUzZTg2NmU4Yjc1GLsHIJz__________wEqGXNnLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCHRyYzMwMTI3OICy-r8GQLeIDUjimhBQ14jXA1j___________8BYwjXFhDUHxgjZGMItj0QnlEYJGRjCNIDEOAGGAhkYwjcFRD7JRgJZGMIoz0QiVEYCmRjCKQnEIo1GC9kYwjQNxCKShgwZGMIzv__________ARDO__________8BGDJkYwjt__________8BEO3__________wEYE2RjCJYUEJ0cGBhkYwj2OhCWThg5ZGMI6yQQrTIYHWRjCPQUEJ4dGB9keAGAAQKIAeyZnegBkAEcmAG_3sPX5jA&cta=true
Title: 阅读更多

Search URL Search Domain Scan URL

URL: https://www.zaobao.com.sg/news/singapore/story20230215-1363357?utm_source=Taboola&utm_medium=CPC&utm_campaign=zb-budget23&utm_term=sanook&tblci=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIooJ3p4bfE5aqCAQ#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIooJ3p4bfE5aqCAQ
Title: 联合早报

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=sanook&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%204:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/sanook/log/3/click?pi=%2Fhoroscope%2F73929&ri=031496aade6451b4531a4db221a83d5b&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&it=text&ii=~~V1~~-6363287865760093705~~GJIhihDj0XZWa0S_EnkC0_N-H6ErZFxWEQ94kAzMyhz6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIk70HH_CM98D2pRvk1yn-2yft4yh0FygMKRotbI67HWannWy7aFReO2UiYjzhQHHh-nE7rjPm5NYKUr5EmG2rQWfe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=1ad8bc4b94b18c5ec083b9fd4827785999c19d7982d9&redir=https%3A%2F%2Fwww.zaobao.com.sg%2Fnews%2Fsingapore%2Fstory20230215-1363357%3Futm_source%3DTaboola%26utm_medium%3DCPC%26utm_campaign%3Dzb-budget23%26utm_term%3Dsanook%26tblci%3DGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIooJ3p4bfE5aqCAQ%23tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIooJ3p4bfE5aqCAQ&vi=1676831420204&p=sph-zaobao-sc&r=80&lti=display-desktop1_var&ppb=CL0E&cpb=ElUyMDIzMDIxMy0xOV9iNy1QUi01MzQ0Ny1ERVYtMTE5MjM3LWRpc3BsYXktdG8tbmF0aXZlLWZlZWQtZGVza3RvcC1yb2xsb3V0LWUzZTg2NmU4Yjc1GLsHIJz__________wEqGXNnLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCHRyYzMwMTI3OICy-r8GQLeIDUjimhBQ14jXA1j___________8BYwjXFhDUHxgjZGMItj0QnlEYJGRjCNIDEOAGGAhkYwjcFRD7JRgJZGMIoz0QiVEYCmRjCKQnEIo1GC9kYwjQNxCKShgwZGMIzv__________ARDO__________8BGDJkYwjt__________8BEO3__________wEYE2RjCJYUEJ0cGBhkYwj2OhCWThg5ZGMI6yQQrTIYHWRjCPQUEJ4dGB9keAGAAQKIAeyZnegBkAEcmAG_3sPX5jA&cta=true
Title: 阅读更多

Search URL Search Domain Scan URL

URL: https://www.zaobao.com.sg/news/singapore/story20230215-1363185?utm_source=Taboola&utm_medium=CPC&utm_campaign=zb-budget23&utm_term=sanook&tblci=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIowqX0-JbSzfIf#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIowqX0-JbSzfIf
Title: 联合早报

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/sanook/log/3/click?pi=%2Fhoroscope%2F73929&ri=031496aade6451b4531a4db221a83d5b&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&it=text&ii=~~V1~~1954199952168315117~~hsuGCm8Fj4cCkFbxIKHAm_N-H6ErZFxWEQ94kAzMyhz6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIk5rGUq-l3IODlg31mxsMTeft4yh0FygMKRotbI67HWannWy7aFReO2UiYjzhQHHh-nE7rjPm5NYKUr5EmG2rQWfe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=cd25b5a05544f242c849a2ef001efa708e5b7a68cf57&redir=https%3A%2F%2Fwww.zaobao.com.sg%2Fnews%2Fsingapore%2Fstory20230215-1363185%3Futm_source%3DTaboola%26utm_medium%3DCPC%26utm_campaign%3Dzb-budget23%26utm_term%3Dsanook%26tblci%3DGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIowqX0-JbSzfIf%23tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIowqX0-JbSzfIf&vi=1676831420204&p=sph-zaobao-sc&r=20&lti=display-desktop1_var&ppb=CL0E&cpb=ElUyMDIzMDIxMy0xOV9iNy1QUi01MzQ0Ny1ERVYtMTE5MjM3LWRpc3BsYXktdG8tbmF0aXZlLWZlZWQtZGVza3RvcC1yb2xsb3V0LWUzZTg2NmU4Yjc1GLsHIJz__________wEqGXNnLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCHRyYzMwMTI3OICy-r8GQLeIDUjimhBQ14jXA1j___________8BYwjXFhDUHxgjZGMItj0QnlEYJGRjCNIDEOAGGAhkYwjcFRD7JRgJZGMIoz0QiVEYCmRjCKQnEIo1GC9kYwjQNxCKShgwZGMIzv__________ARDO__________8BGDJkYwjt__________8BEO3__________wEYE2RjCJYUEJ0cGBhkYwj2OhCWThg5ZGMI6yQQrTIYHWRjCPQUEJ4dGB9keAGAAQKIAeyZnegBkAEcmAG_3sPX5jA&cta=true
Title: 阅读更多

Search URL Search Domain Scan URL

URL: https://www.zaobao.com.sg/news/singapore/story20230215-1363171?utm_source=Taboola&utm_medium=CPC&utm_campaign=zb-budget23&utm_term=sanook&tblci=GiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIoiL21x_vY5J24AQ#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIoiL21x_vY5J24AQ
Title: 联合早报

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=sanook&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/sanook/log/3/click?pi=%2Fhoroscope%2F73929&ri=4466659eb85ca4d011b429ea5c347d62&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&it=text&ii=~~V1~~1949725083509388086~~Del8qmYeTtIM9Mt6OCbpGPN-H6ErZFxWEQ94kAzMyhz6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIm-dJqeNFn17NbTQ9IJO66bft4yh0FygMKRotbI67HWannWy7aFReO2UiYjzhQHHh-nE7rjPm5NYKUr5EmG2rQWfe3jmgHZXC04GgECm-uojQ&pt=text&li=rbox-t2v&sig=e3f64e1059c9c66f7539e00456cf91438a1b11dad783&redir=https%3A%2F%2Fwww.zaobao.com.sg%2Fnews%2Fsingapore%2Fstory20230215-1363171%3Futm_source%3DTaboola%26utm_medium%3DCPC%26utm_campaign%3Dzb-budget23%26utm_term%3Dsanook%26tblci%3DGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIoiL21x_vY5J24AQ%23tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSC_kEIoiL21x_vY5J24AQ&vi=1676831420204&p=sph-zaobao-sc&r=19&lti=display-desktop1_var&ppb=COAD&cpb=ElUyMDIzMDIxMy0xOV9iNy1QUi01MzQ0Ny1ERVYtMTE5MjM3LWRpc3BsYXktdG8tbmF0aXZlLWZlZWQtZGVza3RvcC1yb2xsb3V0LWUzZTg2NmU4Yjc1GLsHIJz__________wEqGXNnLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCHRyYzMwMTI3OICy-r8GQLeIDUjimhBQ14jXA1j___________8BYwjXFhDUHxgjZGMItj0QnlEYJGRjCNIDEOAGGAhkYwjcFRD7JRgJZGMIoz0QiVEYCmRjCKQnEIo1GC9kYwjQNxCKShgwZGMIzv__________ARDO__________8BGDJkYwjt__________8BEO3__________wEYE2RjCJYUEJ0cGBhkYwj2OhCWThg5ZGMI6yQQrTIYHWRjCPQUEJ4dGB9keAGAAQKIAeyZnegBkAEcmAG_3sPX5jA&cta=true
Title: 阅读更多

Search URL Search Domain Scan URL

URL: https://womensmethod.com/categories/beauty/14-tips-young-looking-skin/?utm_source=taboola&utm_term=sanook_1011713&utm_content=2836912185&utm_medium=1011713&utm_campaign=OlderWomen-ALL-DTM-WM-TB#tblciGiA-1r-sLzb_8YAd3JlyAb4MDr5eOMum_TBGjTj0GdlquSDclEkovrH5qoPhz5eVAQ
Title: Women's Method

Search URL Search Domain Scan URL

URL: https://trueedition.com/trending/45-celebrity-couples-that-will-restore-your-faith-in-true-love-and-soulmates-10-guyfieri-mhtbus?utm_source=taboola&utm_medium=sanook&utm_campaign=23354582&utm_term=Take+A+look+At+Who+Guy+Fieri+Is+Married+To&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd64e1313105e34e10cbd1ddfd4df0668.png&ts=2023-02-19+18%3A30%3A20&tbv=nncIuKO9Jq3oe1OsB9KWtUeHlNpLforJvmvJ9latgJA=&pcl=1&br=1&utm_source=taboola&utm_medium=sanook&utm_campaign=23354582&utm_term=Take+A+look+At+Who+Guy+Fieri+Is+Married+To&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd64e1313105e34e10cbd1ddfd4df0668.png&ts=2023-02-19+18%3A30%3A20&tbv=nncIuKO9Jq3oe1OsB9KWtUeHlNpLforJvmvJ9latgJA=&pcl=1&br=1
Title: True Edition

Search URL Search Domain Scan URL

URL: https://horoscope.sanook.com/play/name/
Title: วิเคราะห์ชื่อ

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/th/app/sanook!/id430564118?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=m.sanook.com

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/
Title: เกี่ยวกับเรา

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gg.gg/139z1t HTTP 301
https://www.sanook.com/horoscope/73929/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XRm4Inw1VXlvNUxiR3IrYlFXaGxGMkE0aWUwN3E4RmlkYXZDZ0NtZm1BOUtpd0U2NjRXRlRTbDN3QkJiN2lvRitPeFBBSVN2UUFmeCtJbFhKWTBCWExZZ3lmMUJ0ejhaZzhGdHdYT2poam9GUVREcC93Z1phY2JzM0h3ZlJBNTJLVXAvZFR6Zkd4Q3VQMk5xTGs2ZGJnRzNta0dwWUY0dmdRNDRWTktHTGl4Y25Fb1RHQk1GSTE5ZWliMkZ2UVNNMDNzQUUrTjdveG5iTEl6MXhRZjZWOGVxaWhrU21aUTB6d3ErQXhDOFNBTENvOVBNODNhMW9KWTZIWENlN0dWTkJ4NmNPRGg3ZWZLUG9iTG5MQ0MyNzVMWElkdz09fA&cppv=2

Request Chain 131

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1676831419905&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&c8=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1676831419905&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&c8=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&c9=

Request Chain 142

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&value=0&auid=2123472593.1676831420&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=u2ryY_WNNpiO9fwPhbao2AU&sscte=1&crd=&eitems=ChEIgK7HnwYQmJaD7dX39JPaARIdAOUsi1wBXtB4Dbu4ypQh5kVxfou8lQbBkxkvEVk&pscrd=Ek5DaEFJZ0s3SG53WVE3c0dieFkzZGxid2JFaVlBVGJwVnNlaVBZT3piZkR4MTJBN1BKbzFyWnNKQXJldkdnWTlSb2VEd3JjclVuY3MwYlEaWkNoRUlnSzdIbndZUTJwZnYwOS1NaFlTU0FSSXVBSWQwWmVxb2JoQmRGNS1DaE1jZl9UV1J2OWY1ay15TnJjazRyeU5RSFVfYm5CcElFMGZEajMtYnhBMGszUQ HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&value=0&auid=2123472593.1676831420&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0s3SG53WVE3c0dieFkzZGxid2JFaVlBVGJwVnNlaVBZT3piZkR4MTJBN1BKbzFyWnNKQXJldkdnWTlSb2VEd3JjclVuY3MwYlEaWkNoRUlnSzdIbndZUTJwZnYwOS1NaFlTU0FSSXVBSWQwWmVxb2JoQmRGNS1DaE1jZl9UV1J2OWY1ay15TnJjazRyeU5RSFVfYm5CcElFMGZEajMtYnhBMGszUQ&is_vtc=1&ocp_id=u2ryY_WNNpiO9fwPhbao2AU&cid=CAQSKQDUE5ymzUqJpaFEg96Kuyf2DO4K_LVE-_jv0hatH1A7GheD9L3IGIWH&eitems=ChEIgK7HnwYQmJaD7dX39JPaARIdAOUsi1xNo75BqX6V0gQ34wE-vPjlEVrvn5QX04E&random=365403267 HTTP 302
https://www.google.com.sg/pagead/1p-conversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&value=0&auid=2123472593.1676831420&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0s3SG53WVE3c0dieFkzZGxid2JFaVlBVGJwVnNlaVBZT3piZkR4MTJBN1BKbzFyWnNKQXJldkdnWTlSb2VEd3JjclVuY3MwYlEaWkNoRUlnSzdIbndZUTJwZnYwOS1NaFlTU0FSSXVBSWQwWmVxb2JoQmRGNS1DaE1jZl9UV1J2OWY1ay15TnJjazRyeU5RSFVfYm5CcElFMGZEajMtYnhBMGszUQ&is_vtc=1&ocp_id=u2ryY_WNNpiO9fwPhbao2AU&cid=CAQSKQDUE5ymzUqJpaFEg96Kuyf2DO4K_LVE-_jv0hatH1A7GheD9L3IGIWH&eitems=ChEIgK7HnwYQmJaD7dX39JPaARIdAOUsi1xNo75BqX6V0gQ34wE-vPjlEVrvn5QX04E&random=365403267&ipr=y&prhg=0

Request Chain 241

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 242

https://match.adsrvr.org/track/cmf/openx?oxid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0&gdpr_consent=

Request Chain 243

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y-JqvcCo8YoAAHHtC1oAAAAA

Request Chain 244

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQpfCLf1HpZbks8AD1ntPLMoTs8AAAGGavDzHg

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFfwtvHx1IykP0E0zbPXrvE&google_cver=1

Request Chain 276

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 278

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1

Request Chain 283

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB&dcc=t

Request Chain 284

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=

Request Chain 285

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-JqvVmfHdKvpbEbBRMNQAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1

Request Chain 287

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=H6VOlLhaYJCzbjUSGpHA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SBWKZHWYTDIMFMUUQ32MJVFKU2HOBEEC HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SBWKZHWYTDIMFMUUQ32MJVFKU2HOBEEC HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=H6VOlLhaYJCzbjUSGpHA

Request Chain 288

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55

Request Chain 292

https://c1.adform.net/serving/cookie/match?party=14&cid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=

Request Chain 293

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:028d63f2-6abd-4300-8a87-36805cc62154&gdpr=0&gdpr_consent=

Request Chain 294

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y-JqvQAGoQzDdQBh HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-JqvQAGoQzDdQBh&gdpr=1&gdpr_consent=&_test=Y-JqvQAGoQzDdQBh

Request Chain 295

https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z0mrtbvuj81

Request Chain 296

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5043346485621275506&gdpr=0&gdpr_consent=

Request Chain 297

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF

Request Chain 298

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 299

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GRlqTZV3QLxvc_FbQVJP0mf-mdI&gdpr=0&gdpr_consent=

Request Chain 301

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KmfVv85WA2yHneP0vWryYw

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hdGcCXCVR16VyJ8p-Zr-gg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 303

https://idsync.rlcdn.com/420486.gif?partner_uid=85D19C09-7095-475E-95C8-9F29F99AFE82 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg1RDE5QzA5LTcwOTUtNDc1RS05NUM4LTlGMjlGOTlBRkU4MhAAGg0IvdXJnwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=77e419101270be6c42e0a23aacceaca07a982d1c810775111405035038906596791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3N2U0MTkxMDEyNzBiZTZjNDJlMGEyM2FhY2NlYWNhMDdhOTgyZDFjODEwNzc1MTExNDA1MDM1MDM4OTA2NTk2NzkxNDI2YjU0MTdkY2UyMRAAGgwIvtXJnwYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3N2U0MTkxMDEyNzBiZTZjNDJlMGEyM2FhY2NlYWNhMDdhOTgyZDFjODEwNzc1MTExNDA1MDM1MDM4OTA2NTk2NzkxNDI2YjU0MTdkY2UyMRAAGgwIvtXJnwYSBAgCEABCAEoA&google_gid=CAESELslfQyGE74XSUEwn3kUhdo&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=bf9a9717-121f-4aaf-8527-d436dcf95caf

Request Chain 304

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=85D19C09-7095-475E-95C8-9F29F99AFE82&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=85D19C09-7095-475E-95C8-9F29F99AFE82&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVEMTlDMDktNzA5NS00NzVFLTk1QzgtOUYyOUY5OUFGRTgy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBaZKZxjRcyEC2ipp2ndnUg&google_cver=1

Request Chain 307

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176

Request Chain 309

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=

Request Chain 310

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=85D19C09-7095-475E-95C8-9F29F99AFE82&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bKvU3LBE2uWaamZoGB3tssEnpIIhJgE-~A&gdpr=0

Request Chain 311

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6146079985838723153

Request Chain 312

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=91f5f182-b782-4407-985c-6593dbbf178e HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=91f5f182-b782-4407-985c-6593dbbf178e HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=04967bed-3a89-420a-be7e-ffbb132ccadf&user_group=1&ssp=pubmatic&bsw_param=91f5f182-b782-4407-985c-6593dbbf178e HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91f5f182-b782-4407-985c-6593dbbf178e&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 313

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=38bc08a4d43c1b0a&is_secure=true&networkId=17100&version=1&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmhfd_BEgeAMVz09HAAAAAAA&expiration=1676917821&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 314

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 315

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5043346485621275506

Request Chain 319

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=

Request Chain 320

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB&dcc=t

Request Chain 321

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1

Request Chain 322

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-JqvVmfHdKvpbEbBRMNQAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1

Request Chain 323

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-JqvVmfHdKvpbEbBRMNQAAA%265311?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y-JqvVmfHdKvpbEbBRMNQAAA%265311

Request Chain 324

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55

Request Chain 325

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bfff63f2-6abd-4100-a7ca-a4b3189e2292

Request Chain 326

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1779c342-694a-4cf2-9573-169369e4e673&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 337

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=ea3389a6971146ac8ce78c1226784ecc&orig=video

Request Chain 338

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad

Request Chain 342

https://adrta.com/i?clid=opx&paid=sc&avid=537148859&caid=537350102&publisherId=540353017&plid=543894115&siteId=540353046&kv1=300x250&kv2=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&kv4=&kv5=1676831421&kv11=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15&lineItemId=543894114&kv15=sg&kv55=1.0,1!google.com,pub-6167238712729032,1,,,!openx.com,540353017,1,aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv63=&kv9=&kv13=&kv3=&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&kv7=41369f8c-6fd8-4c86-b8bb-fad81774416e&kv14=&kv16=1.28795&kv17=103.85178&kv12=540353047&kv18=&kv19=&kv23=&kv24=Desktop_Display&cb=558018 HTTP 302
https://ipds.adrta.com/i?__x=GEHFIJKFGKHCJHEBHAIGMLKILILNMLMMLKHJM@FNNKOKGJGGHMEBQGKLLLHFMKFFEHJPNHCGLLKPJFKJHFKECHIMJIMHJJKNJNKFFEPH@HNMLMHIKGIHLF@ECG@G&clid=opx&paid=sc&avid=537148859&caid=537350102&publisherId=540353017&plid=543894115&siteId=540353046&kv1=300x250&kv2=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&kv4=&kv5=1676831421&kv11=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15&lineItemId=543894114&kv15=sg&kv55=1.0,1!google.com,pub-6167238712729032,1,,,!openx.com,540353017,1,aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv63=&kv9=&kv13=&kv3=&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&kv7=41369f8c-6fd8-4c86-b8bb-fad81774416e&kv14=&kv16=1.28795&kv17=103.85178&kv12=540353047&kv18=&kv19=&kv23=&kv24=Desktop_Display&cb=558018

Request Chain 349

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=2efddef489dd4be7a359f437e0483f8a&orig=video

Request Chain 350

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad

Request Chain 351

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%3D91f5f182-b782-4407-985c-6593dbbf178e%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=9543b93a204846a298066eac39268a26&ssp=taboola&bsw_param=91f5f182-b782-4407-985c-6593dbbf178e&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e

Request Chain 359

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Request Chain 384

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LEBQ4TFN-V-CH0S HTTP 302
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---

Request Chain 386

https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072979&val=BkkwXAyr1PtOs55

Request Chain 387

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-JqvQAGoQzDdQBh

Request Chain 389

https://bk.r-ad.ne.jp/3/cs HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=531IUM00aBDAY008jXiz

Request Chain 393

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ZuN9rhDegmKLqfDlMkgoOQ==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 395

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=bfff63f2-6abd-4100-a7ca-a4b3189e2292

Request Chain 405

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H3GlBv_nSe6Njy3rn8yZyQ&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H3GlBv_nSe6Njy3rn8yZyQ&gdpr=0

Request Chain 406

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/4yoCO4ppH9D-7W-n2XzAEA?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-D628KMxE2oI5T2CAKXM0yEQOTfvkUffLSEHxuA--~A

Request Chain 407

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v6DuDuhIQteW8d40oljZQw&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v6DuDuhIQteW8d40oljZQw&gdpr=0

Request Chain 408

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=&expires=30

Request Chain 409

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMS-ACrlHy3-LXG0uAaSK7s&google_cver=1

Request Chain 410

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---

Request Chain 411

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGYzZTc0NDU0N2I0OGFlMDljOGI5OTZiMWE4YTBkMDVhMzY3OTcyZg&gdpr=0&us_privacy=1---

Request Chain 412

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVCUTRURk4tVi1DSDBT&gdpr=0&us_privacy=1---

Request Chain 413

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP 302
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5bf7b829b02942ae9d716a9703c85849&orig=video

Request Chain 414

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wsAbU6hE2uGikW0lm0iMi6pxHdFDOLG7iGB1Lmk-~A

Request Chain 418

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Request Chain 450

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGAhf3QjaxIhvNRYGsYWQ9k&google_cver=1&google_push=Aa02lx8D0qq3WLlED14FUS1cX5aim9l7xO1KH6iXAifkUPsBlFSesN5iUUESh-S-Bx2lMd8g_DdPn5I8e5CKiqsAaRkdTPDzakdjA8bOFyosVdah8h-6-X8mCWMz6MTFHKRZZgHQV8WIDA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx8D0qq3WLlED14FUS1cX5aim9l7xO1KH6iXAifkUPsBlFSesN5iUUESh-S-Bx2lMd8g_DdPn5I8e5CKiqsAaRkdTPDzakdjA8bOFyosVdah8h-6-X8mCWMz6MTFHKRZZgHQV8WIDA&google_hm=Ayiq0ZPD8RMuaR_GjT-kwQ

Request Chain 452

https://cc.adingo.jp/adx/push/?google_gid=CAESEPf1VJVby5wu5NwPML3LEUw&google_cver=1&google_push=Aa02lx9h5K2dmK4FKR6F6FWTqf07fNBMWjzk8XjHdOApVEQX3iQcKxHi_xMLHHUSddhQbaECd4NnFL5hoC2BbJ5UK7vftaIs_c_XCZVAz-BTD7sXT7HK1HOEj6B9GLwUjMVXYbYsmdWEcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9h5K2dmK4FKR6F6FWTqf07fNBMWjzk8XjHdOApVEQX3iQcKxHi_xMLHHUSddhQbaECd4NnFL5hoC2BbJ5UK7vftaIs_c_XCZVAz-BTD7sXT7HK1HOEj6B9GLwUjMVXYbYsmdWEcQ&google_hm=886fc0491b835b5d9f41c1867434a979

Request Chain 453

https://an.yandex.ru/mapuid/google/CAESEHnMfCno6X5dHnqQE1vg7I0?ext-param=Aa02lx95LT1A9TSuW9GnaUaPDiN-V9loN-AO4jUayD7X6-wO1EMHxDBIUluznRfLyVm_I78_e6I_l4w1LJNeqiCknuls4GIRJP2XfyPDplSoB6WIi2ibTnPBbQzVcWge8X4Y7_VBaOfUFXE&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEHnMfCno6X5dHnqQE1vg7I0?redir-setuniq=1&ext-param=Aa02lx95LT1A9TSuW9GnaUaPDiN-V9loN-AO4jUayD7X6-wO1EMHxDBIUluznRfLyVm_I78_e6I_l4w1LJNeqiCknuls4GIRJP2XfyPDplSoB6WIi2ibTnPBbQzVcWge8X4Y7_VBaOfUFXE&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEHnMfCno6X5dHnqQE1vg7I0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 454

https://trace.mediago.io/cs/google?google_gid=CAESEPF4rA3Zn7ihx0RELTP36Ms&google_cver=1&google_push=Aa02lx_s4iMJax077gVc8hXinYz1u8vMftDrs0CcLMbZwrtJa7Hvgld_Nx7FOd2FwAOSMSX3-LefrAkciIoZQ9qQ1lj3YsxAHihatfxcPRin_dPIZEF0P0FwtYWfY0vQyuqHovmj__Q03Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_s4iMJax077gVc8hXinYz1u8vMftDrs0CcLMbZwrtJa7Hvgld_Nx7FOd2FwAOSMSX3-LefrAkciIoZQ9qQ1lj3YsxAHihatfxcPRin_dPIZEF0P0FwtYWfY0vQyuqHovmj__Q03Q&google_hm=23cad0a1f571502cb566d5409449a8c0

Request Chain 455

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI2IDGxlJcye5OtdA4XG0Tg&google_cver=1&google_push=Aa02lx-TMyKY6elnmItb0ZdLEXkOrcpJnlrlbb82ujigmST1jWbgpFSoJA8ApO2m-4B_Yb7cVv_oEsFUcN4Jj9UD9lnyVLzOEbTIz7SR4vc-HJTFIv5QS2h5SW9SJvoc5Z4z12gA-mmxJ7E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MzM0NjQ4NTYyMTI3NTUwNg%3D%3D&google_gid=CAESEI2IDGxlJcye5OtdA4XG0Tg&google_cver=1&google_push=Aa02lx-TMyKY6elnmItb0ZdLEXkOrcpJnlrlbb82ujigmST1jWbgpFSoJA8ApO2m-4B_Yb7cVv_oEsFUcN4Jj9UD9lnyVLzOEbTIz7SR4vc-HJTFIv5QS2h5SW9SJvoc5Z4z12gA-mmxJ7E

Request Chain 456

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJbbjRlz631t5NV08Y8njUU&google_cver=1&google_push=Aa02lx-DohPcfp3i_S9P08TuDYBd74X0lb7IuYrCAT8Rg3B76fl9rEz-2HsuJfNcmuOnbb1bnE9SK_tPE1gMfZefJpZ57_voGQn7dGQANwKikNqWat8MNusONKnFnaguFZSHqsGjkv6Cow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=91f5f182-b782-4407-985c-6593dbbf178e&%%GOOGLE_PUSH_PAIR%%

Request Chain 459

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=GfsDynxucE9zT1lzTk5lNFNOQ1dxUG1vY1Nsb0xpeXRXL2oxbHFSWEkrMHFSVytDZUIvcDlCcWhadm4wVWFEUFN3cVl6ck1Pa3B0YnlVS1FWK0s5NzRYL1hBWFNlRlJkSU5iYk5keFVqckJtVHNLZmlMUHBDdHhNSUU4YUJxQkNsMUwrMzB1VzNiWHEwWUp6c0xZUzlaUC9BYTFtYzVia2t0UFJVckVUcUJ3U2VTaVRpMFdVeDRubC85R2F4aTlnTzZjdjFZU2xmWUJHenM0Uyt6MVZjRHU2OUc4bENGSGg4ajdOTzdleGNZWGJCZ1JIQ2d3aU9xSFlXa3ZML3Q3ay82blhVditmZnZuVlNCRzdGY2dUelA0RXErQXNkR3hITngzd3VBb1JWcWo1U2xuRT18&cppv=2

Request Chain 469

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y-JqvsCo8YoAAHHtC.4AAAAA

Request Chain 471

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S

Request Chain 472

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHaL_996M34sI2mLcQ2v-Go&google_cver=1

Request Chain 474

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c

Request Chain 475

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad

Request Chain 476

https://ce.lijit.com/merge?pid=42&3pid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 479

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7a472b81-c9b0-40e9-9518-260f5df784dc

Request Chain 480

https://id5-sync.com/s/464/9.gif?puid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=f91d4e2a-9548-4c26-a952-3061050615ad&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/2/5/3.gif?puid=5043346485621275506&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-21701bkn3iEHsZto4RA2zK8EovKNqiQdjFG3_HrYKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F4%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/3/4/4.gif?puid=bfff63f2-6abd-4100-a7ca-a4b3189e2292&gdpr=0&gdpr_consent= HTTP 302
https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=5d03055a0ddd20cd&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/822.gif?puid=AAAJng4f8S-73AN8kXkCAAAAAAA&expiration=1676917828&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F2%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F2%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/123/2/6.gif?puid=1866af11093-ca6000001084fc7&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/112/1/7.gif?puid=982A830EA7560F42&gdpr=0&gdpr_consent= HTTP 302
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/285.gif?puid=LEBQ4TFN-V-CH0S&gdpr=0 HTTP 302
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-21701bkn3iEHsZto4RA2zK8EovKNqiQdjFG3_HrYKQ

Request Chain 481

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1 HTTP 302
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=e8a68940-5f68-4b4e-bc1f-44b597c5a0ba HTTP 302
https://x.bidswitch.net/sync?dsp_id=96&user_id=pQJn-vP8b4a-Wg&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e

Request Chain 482

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4486edcc-f9c8-41c6-a12b-0b9ea78122ca HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4486edcc-f9c8-41c6-a12b-0b9ea78122ca&tbid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&query=taboola_hm%3D4486edcc-f9c8-41c6-a12b-0b9ea78122ca&isDirect=0

Request Chain 484

https://eb2.3lift.com/xuid?mid=7772&xuid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&dongle=tbla HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 486

https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=GRlqTZV3QLxvc_FbQVJP0mf-mdI

Request Chain 487

https://x.bidswitch.net/sync?dsp_id=453&user_id=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://csync.loopme.me/?partner_id=1196&uid=91f5f182-b782-4407-985c-6593dbbf178e&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 489

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3e8f14b1-5359-0a1b-1f73-bdd4402cb637

Request Chain 496

https://rtd-tm.everesttech.net/upi/?sid=fxdmJHx6UCmHnfYFqSiO&cs=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA

Request Chain 497

https://rtd-tm.everesttech.net/upi/?sid=YjD1CCXtw6VH7UAXjHCH&cs=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA

Request Chain 498

https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-746748808518054223;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs HTTP 302
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D

Request Chain 500

https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y

Request Chain 523

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJZDS0LxC0Bt5lM5hzuBgQI&google_cver=1&google_push=Aa02lx-fv9_s1WUOmVBXbriQ6rFudl1yufxPK-9GsVjuG-gKV4P_PfvwlxRvas3LLMuv9fkAlieFOrQobOu3A05hlSvQnbf1SPq90lg__1-P7nPRz2bS6Bj-C6bYxSQkdQpUVOvy6iB4LA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=v_9j8mq9QQCnyqSzGJ4ikg&google_push=Aa02lx-fv9_s1WUOmVBXbriQ6rFudl1yufxPK-9GsVjuG-gKV4P_PfvwlxRvas3LLMuv9fkAlieFOrQobOu3A05hlSvQnbf1SPq90lg__1-P7nPRz2bS6Bj-C6bYxSQkdQpUVOvy6iB4LA

Request Chain 524

https://rtb.openx.net/sync/dds?google_gid=CAESEPsUX9zz3B-cjbzbPpSROVQ&google_cver=1&google_push=Aa02lx8ByK7csr2DmhShoTPMm6lcXcswomwr-vtlu3vCA7KWVLBTwYr2lMzni6SW07FNpklPqSWNMJJzua-x7Ycoy1C-IuIc_-boR67GwgNGJTZPeoNnFflfFBFk-t0T_4vZNDc3unGG1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8ByK7csr2DmhShoTPMm6lcXcswomwr-vtlu3vCA7KWVLBTwYr2lMzni6SW07FNpklPqSWNMJJzua-x7Ycoy1C-IuIc_-boR67GwgNGJTZPeoNnFflfFBFk-t0T_4vZNDc3unGG1w&google_hm=ZuN9rhDegmKLqfDlMkgoOQ==

Request Chain 525

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAtryB2KgbaIaWfhoRrnPEM&google_cver=1&google_push=Aa02lx-sIejY2CSBx93lNHVIUFfTRZAD9yC1-1ZDJ9AqufXsikykbyD2HDmlBMbtAN4YX5Aeu481suuSl-JFrSkDaaJahQyoognDlV7Wr1nlT5P0Sjq6982Mm7k9InGP3MjLcd43DgprKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-sIejY2CSBx93lNHVIUFfTRZAD9yC1-1ZDJ9AqufXsikykbyD2HDmlBMbtAN4YX5Aeu481suuSl-JFrSkDaaJahQyoognDlV7Wr1nlT5P0Sjq6982Mm7k9InGP3MjLcd43DgprKg&google_hm=SDZWT2xMaGFZSkN6YmpVU0dwSEE=

Request Chain 526

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMafuTx78r9x8eoySWUzDeQ&google_cver=1&google_push=Aa02lx_85JS2yTMA-Jb36xU24KXZzyDWrvXDiClHTiM0sLYv9FNiQuvSxQIxwBY1U3Iq_z-uYBElmk3iaCpB3NjhsZ9gaNyW9kMUprG33ZW5rh_FqNgOtcnPk8oN_h-cjmqo52TkvJUzqiI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hdGcCXCVR16VyJ8p-Zr-gg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_85JS2yTMA-Jb36xU24KXZzyDWrvXDiClHTiM0sLYv9FNiQuvSxQIxwBY1U3Iq_z-uYBElmk3iaCpB3NjhsZ9gaNyW9kMUprG33ZW5rh_FqNgOtcnPk8oN_h-cjmqo52TkvJUzqiI

Request Chain 527

https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEMC-3bZGxIrO0v3WG5iXkgw&google_cver=1&google_push=Aa02lx_U66lxH0bUu-iFUkyKVWO33jxjDahrNgWnlBVPNTlXqSE6uELS5EKPOQEjgHp5uklq0nmNrnOC4jsVJb_pjtzASRGO4A-mxom_HNlsjzqy19ZzhiNs-x67nxQt3J80ZL6ZBY9SP9LH HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=Aa02lx_U66lxH0bUu-iFUkyKVWO33jxjDahrNgWnlBVPNTlXqSE6uELS5EKPOQEjgHp5uklq0nmNrnOC4jsVJb_pjtzASRGO4A-mxom_HNlsjzqy19ZzhiNs-x67nxQt3J80ZL6ZBY9SP9LH&google_hm=NDMzMzdiMTAtMjZjMC0zYTRhLTk5MWEtOTlhMzQ2OWRkOTMy

Request Chain 528

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEBWlCkuhh2hLRf5huXm6xe0&google_cver=1&google_push=Aa02lx9uPoEY3ZdbComdoQnBPeuk_kNrMYPtpZIjBwS8zDYJO676C7MKJG00t2IPkMz4faI-ZzsfixNNo_nOs-KYEzEwUW2IW63tgxsVx5hJhyxGDnGWUHtxiZVx1UpTU9wZ-l9B_8FQwtJ- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx9uPoEY3ZdbComdoQnBPeuk_kNrMYPtpZIjBwS8zDYJO676C7MKJG00t2IPkMz4faI-ZzsfixNNo_nOs-KYEzEwUW2IW63tgxsVx5hJhyxGDnGWUHtxiZVx1UpTU9wZ-l9B_8FQwtJ-&google_hm=SDZWT2xMaGFZSkN6YmpVU0dwSEE=

Request Chain 529

https://trace.mediago.io/cs/google?google_gid=CAESEPF4rA3Zn7ihx0RELTP36Ms&google_cver=1&google_push=Aa02lx8F3pINYOABp-eFbsWT96kEE6h13TOlp1xaURkV91UIi3_esFBSmq5952IRKRORzTiX9wGM_gkpkFlfhp4YXj1rmwWF3W_cjn52Kq45ojXpVylqBnyjR5I6s0WQHa9lzX-m_EKyAIgN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx8F3pINYOABp-eFbsWT96kEE6h13TOlp1xaURkV91UIi3_esFBSmq5952IRKRORzTiX9wGM_gkpkFlfhp4YXj1rmwWF3W_cjn52Kq45ojXpVylqBnyjR5I6s0WQHa9lzX-m_EKyAIgN&google_hm=23cad0a1f571502cb566d5409449a8c0

Request Chain 631

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=43281262af9e4dacbcc0d6cd1dfc3741

Request Chain 632

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BkkwXAyr1PtOs55&gdpr=0&gdpr_consent=

Request Chain 633

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1dc34205bjy0

Request Chain 634

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1676831424236 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=2153387325 HTTP 302
https://sync.1rx.io/usersync/turn/7626325209235729978?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004

Request Chain 637

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 640

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=85D19C09-7095-475E-95C8-9F29F99AFE82 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=85D19C09-7095-475E-95C8-9F29F99AFE82 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fc27f817-c102-45be-a4a9-946d92ae0cbe%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=fc27f817-c102-45be-a4a9-946d92ae0cbe%2C%2C

Request Chain 641

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 642

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=

Request Chain 643

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 644

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=

Request Chain 686

https://ads.aralego.com/cookiesync HTTP 301
https://cdn.aralego.net/ucfad/sdk/apac-sg/cookiesync

Request Chain 689

https://sync.aralego.com/idsync?usprivacy=1---& HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/8d500d4b-2bae-3e4a-9c52-d5b9e4fc53a0?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-IUITlCxE2oWGM4zUcaERRAmBcDHT3lAmfmQHPhk-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f91d4e2a-9548-4c26-a952-3061050615ad HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=8d500d4b-2bae-3e4a-9c52-d5b9e4fc53a0&gdpr=0&gdpr_consent= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Ducfunnel%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=ucfunnel&user_id=k-TuTcRrOCY_fOXrHhclGofaSg9tao7h2gsbr5sg&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=91f5f182-b782-4407-985c-6593dbbf178e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=OGQ1MDBkNGItMmJhZS0zZTRhLTljNTItZDViOWU0ZmM1M2Ew&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

699 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.sanook.com/horoscope/73929/
Redirect Chain

http://gg.gg/139z1t
https://www.sanook.com/horoscope/73929/

361 KB
62 KB

2664ms
2451ms

Document
text/html

61.91.93.41
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

61.91.93.41 Nonthaburi, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-41.static.asianet.co.th

Software

nginx /

Resource Hash

11c0f659526b852a7eb6155d27afaef8dfabb60764e158953c8f917ceed19d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 19 Feb 2023 18:30:18 GMT
SN-Cache-Status: MISS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human
X-Ua-isExpReadpage: 0
X-Ua-shouldPass: 0

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Feb 2023 18:30:15 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=60
Last-Modified: Sun, 19 Feb 2023 18:30:15 GMT
Location: https://www.sanook.com/horoscope/73929/
Pragma: no-cache
Server: ddos-guard
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ 1 KB
747 B 532ms
5ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:19:31 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 1087
server: Lego Server
age: 1217406
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15255555651918109209
accept-ranges: bytes
content-length: 550
expires: Fri, 03 Mar 2023 07:29:44 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 121 KB
40 KB 15ms
5ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-1e297"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 18:30:18 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ 319 B
438 B 498ms
3ms Script
application/javascript 43.132.80.30
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.80.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:18 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
etag: W/"PSA-aj-wjZq0flWx2"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1708947
x-nws-log-uuid: 8084844366628528222
accept-ranges: bytes
content-length: 239

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
69 KB 505ms
486ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d867519ecff5bbdddff6680a475048d847ab38dc56ee334a5a94c1b492a9cb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70295
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Feb 2023 18:30:19 GMT

GET
H2 200 d0004449.js Show response
lvs2.truehits.in.th/dataa/ 9 KB
9 KB 594ms
28ms Script
application/x-javascript 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: fe8db9fa3feadd6e53dc094626a209c8ac4f3c389ae1ce278454fac2f12195e5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
last-modified: Thu, 16 Feb 2023 07:02:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=604800
content-length: 8719
expires: Sun, 26 Feb 2023 18:30:19 GMT

GET
H/1.1 200
OK a102.js Show response
sal.isanook.com/js/ 23 KB
24 KB 617ms
30ms Script
application/javascript 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Nonthaburi, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:19 GMT
Last-Modified: Mon, 10 Aug 2020 09:23:14 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24035
Expires: Tue, 21 Mar 2023 18:30:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 486ms
468ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Feb 2023 18:30:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6RwOCS3WMyeNwYGL0J58mMSsnguwMpWZY+RH8Q+95J2x1+K/gPFzxJ9vVQFUpe8mn6C3U4w+PXOJlnr/UBOgoA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 d8d1b00cf00f64a71e20.css
s.isanook.com/sr/0/_next/static/css/ 41 KB
9 KB 506ms
5ms Stylesheet
text/css 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/d8d1b00cf00f64a71e20.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3de142295f7b674b9278f666a680137b174912558131cdabe389d362eb3cfdef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 42325
server: Lego Server
age: 1133332
etag: W/"63db6c85-a555"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 11743205738059333314
accept-ranges: bytes
content-length: 8767
expires: Sun, 05 Mar 2023 04:07:36 GMT

GET
H2 200 1216-75cdf64a6bee3b4a0f08.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 7 KB
3 KB 500ms
6ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 20 Jan 2023 14:14:11 GMT
server: Lego Server
age: 2223604
etag: W/"63caa1b3-1ad7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14179225886273887224
accept-ranges: bytes
content-length: 2560
expires: Mon, 20 Feb 2023 13:42:20 GMT

GET
H2 200 617-5cad0d06573dab8c8b0a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
5 KB 500ms
6ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/617-5cad0d06573dab8c8b0a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16291
server: Lego Server
age: 1200043
etag: W/"63db6c85-3fa3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 8989516098700534816
accept-ranges: bytes
content-length: 4577
expires: Sat, 04 Mar 2023 10:01:12 GMT

GET
H2 200 1033-31010cf766d7416adbae.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 8 KB
3 KB 500ms
7ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1033-31010cf766d7416adbae.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 408d7c817bb914e45a637946c84034557c79acba44f7b0bb3d95d23a992859a2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 7753
server: Lego Server
age: 1200470
etag: W/"63d88b54-1e49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 12800482629427356908
accept-ranges: bytes
content-length: 2480
expires: Sat, 04 Mar 2023 07:16:06 GMT

GET
H2 200 5886-0250f3a1d32ffcdd3e37.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 80 KB
26 KB 501ms
8ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5886-0250f3a1d32ffcdd3e37.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:37:17 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 82185
server: Lego Server
age: 0
etag: W/"63edb359-14109"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16123318871835024449
accept-ranges: bytes
content-length: 26131
expires: Sat, 18 Mar 2023 07:37:17 GMT

GET
H2 200 4618-3d771c0818823fd8f756.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 84 KB
25 KB 16ms
4ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/4618-3d771c0818823fd8f756.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2267c122ec0dda33597b1c2b0507c64b8bdba8400ed9e3f47de4d1f436d83f9a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 85859
server: Lego Server
age: 1200005
etag: W/"63db6c83-14f63"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 11460475195624040124
accept-ranges: bytes
content-length: 24982
expires: Sat, 04 Mar 2023 10:02:04 GMT

GET
H2 200 5884-96c7c5b8d105dc707520.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
4 KB 17ms
5ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5884-96c7c5b8d105dc707520.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 13796
server: Lego Server
age: 1200051
etag: W/"63db6c84-35e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 8800067852843883493
accept-ranges: bytes
content-length: 4353
expires: Sat, 04 Mar 2023 10:01:14 GMT

GET
H2 200 6323.0d4033044e074e7cb7f6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
3 KB 16ms
4ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6323.0d4033044e074e7cb7f6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39c47a0e7a392df4b06d956a78178d60c9ab7759caf41871ed7cf52b29408954

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9329
server: Lego Server
age: 1133703
etag: W/"63db6c84-2471"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 4233273336841771406
accept-ranges: bytes
content-length: 3342
expires: Sun, 05 Mar 2023 04:07:22 GMT

GET
H2 200 2182-2de900c55b59a3a8ff15.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 17 KB
4 KB 27ms
15ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2182-2de900c55b59a3a8ff15.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7cea76adea490a4845fe50f4896a60e5d1c64f37a9fd09a2211f5ce4315d245a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16975
server: Lego Server
age: 1221624
etag: W/"63d88b56-424f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6714268034077885344
accept-ranges: bytes
content-length: 3742
expires: Sat, 04 Mar 2023 04:01:23 GMT

GET
H2 200 7634-f7929061765179e37183.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 16ms
4ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7634-f7929061765179e37183.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5e6978ffa2a85fbd655b559ddf78df5f0795f4a3d57563a875f5543e480e9485

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 14059
server: Lego Server
age: 605281
etag: W/"63e46632-36eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 893336765549304323
accept-ranges: bytes
content-length: 2565
expires: Sat, 11 Mar 2023 06:36:13 GMT

GET
H2 200 3410-9fd10924631dd94a6d1c.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 20 KB
5 KB 123ms
111ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3410-9fd10924631dd94a6d1c.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a6cf4e0ef9fa396d78b13f35a328dfe602d8d93b92d61c13edff00f837afd7cb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 20634
server: Lego Server
age: 618780
etag: W/"63e46632-509a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15969125539251453804
accept-ranges: bytes
content-length: 4688
expires: Sat, 11 Mar 2023 03:28:19 GMT

GET
H2 200 1039-bbefb9847aaa49345498.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
4 KB 19ms
7ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1039-bbefb9847aaa49345498.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5fa4098b1bb9d1bb396d20e9b47bc2cc36577c777179698e6ceba8a88f21afb3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16481
server: Lego Server
age: 1221360
etag: W/"63d88b55-4061"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6072435568356105327
accept-ranges: bytes
content-length: 3566
expires: Sat, 04 Mar 2023 04:05:26 GMT

GET
H2 200 2995-71ba132be664ea70ff78.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 15 KB
4 KB 17ms
5ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2995-71ba132be664ea70ff78.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6b4ee410e7cc276b85b2549c35335ba435602bb6ed2854104cc3c1d576d0cff8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:22:53 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 17 Feb 2023 03:06:38 GMT
server: Lego Server
age: 268
etag: W/"63eeef3e-3d8f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17799662062885137070
accept-ranges: bytes
content-length: 4035
expires: Fri, 17 Feb 2023 03:22:54 GMT

GET
H2 200 930-951e54f6b8074782c4f7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 54 KB
9 KB 45ms
33ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/930-951e54f6b8074782c4f7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 60c490cfa74d9ddec319406ec6575e666c410602935ebd9c5a6e628c8d8c40c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 55565
server: Lego Server
age: 88436
etag: W/"63ec4a1f-d90d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 8021773733698250951
accept-ranges: bytes
content-length: 9144
expires: Fri, 17 Mar 2023 06:06:47 GMT

GET
H2 200 6310-827ad3199657796bf791.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 71 KB
13 KB 18ms
6ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6310-827ad3199657796bf791.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2026892d7720bb0312201ce3674e3f0ae8db34ffadbb9ba7fb79f2e80b224a60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:24:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 72867
server: Lego Server
age: 98
etag: W/"63eeef3e-11ca3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 15737539630459167969
accept-ranges: bytes
content-length: 12554
expires: Sun, 19 Mar 2023 03:18:25 GMT

GET
H2 200 6295-abaa783086c2fbc07917.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
4 KB 17ms
6ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6295-abaa783086c2fbc07917.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3609f7ec58d2e4536a4287ccacfd71b0f1785da88eaa76a1606ff921c9a9067f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 12269
server: Lego Server
age: 1200023
etag: W/"63db6c84-2fed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 3892888920198482308
accept-ranges: bytes
content-length: 3684
expires: Sat, 04 Mar 2023 09:41:53 GMT

GET
H2 200 7815.8bd93ed3d17e289d74af.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 178 KB
34 KB 18ms
6ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7815.8bd93ed3d17e289d74af.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b26da83bfae94faf5326072ab9373afdee8a2afb2fe35f5ee645b4b2d9619c9b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 10:53:47 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 17 Feb 2023 04:34:36 GMT
server: Lego Server
age: 0
etag: "63ef03dc-2c904"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12411393285278368398
accept-ranges: bytes
content-length: 34798
expires: Sun, 19 Mar 2023 10:53:47 GMT

GET
H2 200 2043.be10e3e5f3854c874df3.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
4 KB 18ms
7ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2043.be10e3e5f3854c874df3.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16389
server: Lego Server
age: 451139
etag: W/"63e62e65-4005"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 5143076998074728585
accept-ranges: bytes
content-length: 3812
expires: Mon, 13 Mar 2023 01:20:15 GMT

GET
H2 200 1957.230045db2214f3f83ace.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 220 KB
36 KB 17ms
5ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1957.230045db2214f3f83ace.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4ae41d760def3cc2d97d5b4840df6d8b6864b9ec8d9a51f9724b417ba273e476

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:18:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 225354
server: Lego Server
age: 108
etag: W/"63eeef3f-3704a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 8295247025148066387
accept-ranges: bytes
content-length: 36788
expires: Sun, 19 Mar 2023 03:18:24 GMT

GET
H2 200 webpack-edc13bdae358b1494d8e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 8 KB
4 KB 47ms
36ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-edc13bdae358b1494d8e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0358db7a8fa7db919507565f0e808ab572d7b59c66296acb07f82c97c7d93692

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 05:04:03 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 7760
server: Lego Server
age: 0
etag: W/"63ef03de-1e50"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 9021500671768473302
accept-ranges: bytes
content-length: 4017
expires: Sun, 19 Mar 2023 05:04:03 GMT

GET
H2 200 framework-bccd505f411f10b308c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 147 KB
45 KB 30ms
18ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 150360
server: Lego Server
age: 1200044
etag: W/"63db6c85-24b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15134123528118418705
accept-ranges: bytes
content-length: 45664
expires: Sat, 04 Mar 2023 10:01:12 GMT

GET
H2 200 main-bcf4d111f618a82e6a4e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 75 KB
23 KB 27ms
15ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/main-bcf4d111f618a82e6a4e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 18:28:09 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 76530
server: Lego Server
age: 1173670
etag: W/"63db6c85-12af2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 10564194037692702667
accept-ranges: bytes
content-length: 23805
expires: Sun, 05 Mar 2023 04:07:28 GMT

GET
H2 200 _app-0dcb0f848029a84e4847.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/ 748 KB
176 KB 34ms
23ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-0dcb0f848029a84e4847.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7533289d707ced7a9e63e2c4affb70de2faf9ac1dfd33e3e473148245192d8b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 766452
server: Lego Server
age: 230
etag: W/"63eeef3f-bb1f4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 9179485144378255092
accept-ranges: bytes
content-length: 179550
expires: Sun, 19 Mar 2023 03:08:49 GMT

GET
H2 200 2641-f644de276003517d4cf1.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
8 KB 61ms
50ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2641-f644de276003517d4cf1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 347a1a93f15f2e4e49ec4956179590048c292cab68669b230759e5652eaefd65

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 30055
server: Lego Server
age: 1200473
etag: W/"63db6c84-7567"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 8612771581900460056
accept-ranges: bytes
content-length: 7692
expires: Sat, 04 Mar 2023 09:44:37 GMT

GET
H2 200 6261-83d84d8a907c771b925e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
7 KB 30ms
18ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6261-83d84d8a907c771b925e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7874f5de129953916f7fff8debfc15f90f17e8b8138e209c93368106cfb24a95

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 29416
server: Lego Server
age: 1200554
etag: W/"63db6c84-72e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 4027089639630728482
accept-ranges: bytes
content-length: 6704
expires: Sat, 04 Mar 2023 09:44:37 GMT

GET
H2 200 9669-b56602280eb9384c191d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 35ms
23ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 13794
server: Lego Server
age: 1200700
etag: W/"63db6c83-35e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 1464141038930715027
accept-ranges: bytes
content-length: 4712
expires: Sat, 04 Mar 2023 09:44:37 GMT

GET
H2 200 1354-e6e263fd45386d27bc3d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 50 KB
16 KB 30ms
19ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 50816
server: Lego Server
age: 1221360
etag: W/"63d88b55-c680"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15984371810760359634
accept-ranges: bytes
content-length: 16614
expires: Sat, 04 Mar 2023 04:01:11 GMT

GET
H2 200 2962-603a28e62dde6ed2aedb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
3 KB 47ms
36ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 11966
server: Lego Server
age: 1200072
etag: W/"63db6c84-2ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6246770176894515343
accept-ranges: bytes
content-length: 2732
expires: Sat, 04 Mar 2023 09:37:12 GMT

GET
H2 200 497-57b8d1749c6364be3409.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
8 KB 30ms
19ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/497-57b8d1749c6364be3409.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 02d87655ea57925a407344fb207920270b0f67db739fee52288dcf19c5cd23f6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 29760
server: Lego Server
age: 1221660
etag: W/"63d88b56-7440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 2265797543316410950
accept-ranges: bytes
content-length: 8468
expires: Sat, 04 Mar 2023 04:01:12 GMT

GET
H2 200 730-5d7513a69b73aba91839.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 11 KB
4 KB 107ms
95ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/730-5d7513a69b73aba91839.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f0bb9c9c72b6f31a523adc1edc904fc5a8f2868bc10c4819de335d73501ce4ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 10812
server: Lego Server
age: 1200473
etag: W/"63db6c85-2a3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 1755824269123263295
accept-ranges: bytes
content-length: 3558
expires: Sat, 04 Mar 2023 09:46:49 GMT

GET
H2 200 7754-f68ad08c384279e3c2db.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 5 KB
2 KB 31ms
19ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7754-f68ad08c384279e3c2db.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7a16f06ec002e931a8e686c66c114a24332fe9602818d2a43981e3ec8bbb7d8b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 4867
server: Lego Server
age: 1207327
etag: W/"63d88b55-1303"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 17469378032700400907
accept-ranges: bytes
content-length: 2215
expires: Fri, 03 Mar 2023 15:30:54 GMT

GET
H2 200 2930-8b63b90ce035a2d67742.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 212 KB
29 KB 48ms
37ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2930-8b63b90ce035a2d67742.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cfba3f1b505c1cabb7f3b733bb18fb63db5d336f314f627d4d957e369096f7a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 05:19:29 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 217016
server: Lego Server
age: 265666
etag: W/"63ec4a1f-34fb8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 7646995876225207127
accept-ranges: bytes
content-length: 29319
expires: Fri, 17 Mar 2023 03:28:10 GMT

GET
H2 200 2996-fb071b42b1a12f78d5ec.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 92 KB
16 KB 48ms
36ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2996-fb071b42b1a12f78d5ec.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 13e6896962e02b5d34f51768df79aca99d7ec1d5b2eb207c062d134e48aeb5c0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:23:28 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 94022
server: Lego Server
age: 229
etag: W/"63eeef3e-16f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 17540408673273078426
accept-ranges: bytes
content-length: 16557
expires: Sun, 19 Mar 2023 03:08:50 GMT

GET
H2 200 6380-82aa4ff41224f2233af6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 194 KB
40 KB 31ms
20ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6380-82aa4ff41224f2233af6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8a730a3f145493f8a7e4d9f5647f52b90d10ae4c6cee8ff08de67e1ffa9201b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 198212
server: Lego Server
age: 77
etag: W/"63eeef3d-30644"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6136085559440678802
accept-ranges: bytes
content-length: 40461
expires: Sun, 19 Mar 2023 03:08:49 GMT

GET
H2 200 5269-db5dd255a772d738f735.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 242 KB
18 KB 31ms
20ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5269-db5dd255a772d738f735.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8bb95a8801494a5ea278fd9da6f87ac41a0a049f6e041a52fd28a8f9db53aed7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:20:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 247346
server: Lego Server
age: 618715
etag: W/"63e46634-3c632"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 178326992405143581
accept-ranges: bytes
content-length: 18025
expires: Sat, 11 Mar 2023 03:28:06 GMT

GET
H2 200 3316-c2db2abb0c275a7040e2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
4 KB 32ms
20ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:34:18 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:38:51 GMT
server: Lego Server
age: 0
etag: W/"63edb35b-4663"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15289380456114609941
accept-ranges: bytes
content-length: 4351
expires: Sat, 18 Mar 2023 07:34:18 GMT

GET
H2 200 8316-9bebfff4e124d29960b6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
3 KB 32ms
21ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8316-9bebfff4e124d29960b6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e9320e8ccc04d221c1abd5476522618fc823a04c15029917e5c08b4ca4a01b1a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:24:04 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9275
server: Lego Server
age: 1
etag: W/"63eeef3e-243b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6908250881142822356
accept-ranges: bytes
content-length: 3097
expires: Sun, 19 Mar 2023 03:08:50 GMT

GET
H2 200 6850-8dda8db531c67f86edd0.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 20 KB
5 KB 35ms
23ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6850-8dda8db531c67f86edd0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a863d8abfa9a15aec20c32ff0b13dac70f1692ccd2e85ef42870f1b9caa6ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 09 Feb 2023 03:19:14 GMT
server: Lego Server
age: 618811
etag: W/"63e46632-4ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 9213888470846330274
accept-ranges: bytes
content-length: 5275
expires: Sat, 11 Mar 2023 03:28:53 GMT

GET
H2 200 entry-54b9e92e1cc2dfb6f722.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 44 KB
10 KB 49ms
37ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/common/entry-54b9e92e1cc2dfb6f722.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d936d44b74732d426f6be47e3b79ee566ca73355e43fd030d8f565bfccad7a54

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:24:08 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 45101
server: Lego Server
age: 98
etag: W/"63eeef3e-b02d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 11556992554835996526
accept-ranges: bytes
content-length: 10253
expires: Sun, 19 Mar 2023 03:15:22 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/596zy1Q8C2fiE1L9b4N0G/ 21 KB
6 KB 33ms
21ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/596zy1Q8C2fiE1L9b4N0G/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 22564e0fa1b0fc2778a05d1e934e9cbcfd8473f02d3c4fc0f8cac7e23efa2689

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 05:04:03 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 21261
server: Lego Server
age: 0
etag: W/"63ef02ed-530d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 11248814657531024561
accept-ranges: bytes
content-length: 5549
expires: Sun, 19 Mar 2023 05:04:03 GMT

GET
H2 200 _ssgManifest.js Show response
s.isanook.com/sr/0/_next/static/596zy1Q8C2fiE1L9b4N0G/ 77 B
221 B 48ms
37ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/596zy1Q8C2fiE1L9b4N0G/_ssgManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 05:04:03 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 77
server: Lego Server
age: 16
etag: "63ef02ed-4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 804683590088529852
accept-ranges: bytes
content-length: 61
expires: Sun, 19 Mar 2023 05:04:03 GMT

GET
H2 200 spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 43 B
225 B 7ms
3ms Image
image/gif 43.132.80.30
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.80.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
etag: "4d5107cb-2b"
content-type: image/gif
x-nws-log-uuid: 10160622659303695350
accept-ranges: bytes
content-length: 43

GET
H2 200 ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
2 KB 37ms
26ms Image
image/png 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a2927d4b587bf91bf2a958f9273e01f9447b14a161dda71f961be4be21c77df8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 2847
server: Lego Server
age: 0
etag: W/"PSA-aj-i2eaSDRS-j"
content-type: image/png
x-nws-log-uuid: 13256866116058717283
accept-ranges: bytes
content-length: 2056
expires: Thu, 16 Feb 2023 07:23:03 GMT

GET
H2 200 joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 1 KB
734 B 35ms
24ms Image
image/svg+xml 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:03 GMT
server: Lego Server
age: 0
etag: W/"63edb367-4e7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 17244553567088008181
accept-ranges: bytes
content-length: 548
expires: Sat, 18 Mar 2023 07:22:24 GMT

GET
H2 200 wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 7 KB
2 KB 33ms
22ms Image
image/svg+xml 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:55:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 11:58:09 GMT
server: Lego Server
age: 34420
etag: W/"63ee1a51-1a5b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 15998404998405352642
accept-ranges: bytes
content-length: 1827
expires: Sat, 18 Mar 2023 14:55:39 GMT

GET
H2 200 wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 40ms
29ms Image
image/png 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:18:03 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "63edb367-bec"
content-type: image/png
x-nws-log-uuid: 2506589840754979023
accept-ranges: bytes
content-length: 3052
expires: Thu, 16 Feb 2023 07:23:03 GMT

GET
H2 200 pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
2 KB 49ms
38ms Image
image/png 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b838ce70a090231be8c745e32e5b6544bb0aa5c4e83ea15cf992feab33989be2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: W/"PSA-aj-MwUb6a4gDP"
content-type: image/png
x-nws-log-uuid: 4325877904195558930
accept-ranges: bytes
content-length: 1852
expires: Thu, 16 Feb 2023 07:23:03 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMTQvNzM5MjkvbS5qcGc=.webp
s.isanook.com/ho/0/rp/rc/w728h437/yatxacm1w0/ 53 KB
54 KB 61ms
50ms Image
image/webp 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/rp/rc/w728h437/yatxacm1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMTQvNzM5MjkvbS5qcGc=.webp
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a44693ae6bd63fbc4ba3c4deeae171040ddb8cca0ef655892d5c11d24a675d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 01:58:06 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 2672093634164479256
accept-ranges: bytes
content-length: 54626
expires: Sat, 04 Mar 2023 01:58:06 GMT

GET
H2 200 sanook_70x200.jpg
s.isanook.com/ho/0/uc/0/297/ 4 KB
4 KB 41ms
30ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/uc/0/297/sanook_70x200.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 586584fce91860659c552a878172d7154a8870fa373ee11544963d2a43a87157

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:21:10 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 8538
server: Lego Server
age: 0
etag: W/"PSA-aj-9fKQOdveWL"
content-type: image/jpeg
x-nws-log-uuid: 5588967634828505019
accept-ranges: bytes
content-length: 4198
expires: Thu, 16 Feb 2023 07:23:03 GMT

GET
H2 200 164644550-600x399.jpg
s.isanook.com/cl/0/up/2014/02/ 65 KB
66 KB 75ms
64ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/cl/0/up/2014/02/164644550-600x399.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3597c884e88c2de6efbaec90b28f7ccdf00681ddbc783a29dc2185f1ec69a45f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:28 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 10 Feb 2014 10:53:01 GMT
server: Lego Server
age: 0
etag: "52f8af8d-10533"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 7697620657741218524
accept-ranges: bytes
content-length: 66867

GET
H2 200 b_02865_009.jpg
s.isanook.com/ho/0/ud/0/2125/ 18 KB
18 KB 73ms
62ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/0/2125/b_02865_009.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: be3846ed86d18e557227eae2356cafef6fc485bd7968067467787afce5f146c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 14 Jul 2014 10:13:32 GMT
server: Lego Server
age: 0
etag: "53c3ad4c-47e3"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 17319441430982198988
accept-ranges: bytes
content-length: 18403

GET
H2 200 b_02865_007.jpg
s.isanook.com/ho/0/ud/0/2125/ 25 KB
25 KB 74ms
63ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/0/2125/b_02865_007.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d4319009811bfe48dfb54dcee2a2da5e4973c0e131200eb3436e86525c0f562f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:28 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 14 Jul 2014 10:13:32 GMT
server: Lego Server
age: 0
etag: "53c3ad4c-636a"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 16019555882694993839
accept-ranges: bytes
content-length: 25450

GET
H2 200 m3134.jpg
s.isanook.com/hm/0/ud/0/1725/ 58 KB
59 KB 76ms
65ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/hm/0/ud/0/1725/m3134.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b8c669f1ff934a66471261b83c9c06111116973db894abc363854c56e0e88e27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 06:16:35 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 02 Dec 2014 04:03:32 GMT
server: Lego Server
age: 0
etag: "547d3a14-e9d9"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 10437743218508889995
accept-ranges: bytes
content-length: 59865

GET
H2 200 1.jpg
s.isanook.com/ho/0/ud/14/73929/ 68 KB
68 KB 76ms
65ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/1.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1a337b2b047957359483acea9143354db8c1f5957908e136b5001164d6e64745

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:28 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:14 GMT
server: Lego Server
age: 0
etag: "546da132-11119"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 6895685960989942011
accept-ranges: bytes
content-length: 69913

GET
H2 200 2.jpg
s.isanook.com/ho/0/ud/14/73929/ 48 KB
48 KB 73ms
62ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/2.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c009b0e1fdc32543350a1c9dd28be68968440dbf001469114b2b304cb66f72c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:14 GMT
server: Lego Server
age: 0
etag: "546da132-bf45"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 11218639703545230641
accept-ranges: bytes
content-length: 48965

GET
H2 200 3.jpg
s.isanook.com/ho/0/ud/14/73929/ 44 KB
44 KB 61ms
50ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/3.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 98a9c92c79c585f9aa0971143eca9630f409e7c115f4014ea1bb1c1bc1660d12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:28 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-b083"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 6554095972355611825
accept-ranges: bytes
content-length: 45187

GET
H2 200 4.jpg
s.isanook.com/ho/0/ud/14/73929/ 40 KB
41 KB 62ms
51ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/4.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e05706d9bacaf36035c95c8f8159ef0a891a01f9f89765bb0244c62e0f4dc3f7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 04:18:55 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-a160"
content-type: image/jpeg
x-nws-log-uuid: 1121678251580379156
accept-ranges: bytes
content-length: 41312

GET
H2 200 5.jpg
s.isanook.com/ho/0/ud/14/73929/ 39 KB
39 KB 127ms
116ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/5.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 50a78b64b7c35b574a343eb7b94f6d1d810cea7c22641814c53c4d852ffee2fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:28 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-9a81"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 3332336982886085751
accept-ranges: bytes
content-length: 39553

GET
H2 200 6.jpg
s.isanook.com/ho/0/ud/14/73929/ 71 KB
71 KB 77ms
66ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/6.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3df5ee1c45f692977823e588212e402244c7afdc6dd4771a3403266d5f77065a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:25:13 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-11c94"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 8606871123780362600
accept-ranges: bytes
content-length: 72852

GET
H2 200 7.jpg
s.isanook.com/ho/0/ud/14/73929/ 42 KB
42 KB 76ms
66ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/7.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c3b834527b9134e55b0ba420a6ab86e59e1272beda3c6c8560ebada1dec244f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:29 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-a7f5"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 14894347475262922771
accept-ranges: bytes
content-length: 42997

GET
H2 200 8.jpg
s.isanook.com/ho/0/ud/14/73929/ 85 KB
85 KB 96ms
85ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/8.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e529b5d3ecaed65e938197f63b5173a1cac42559288d7999ded904947471f059

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 03:51:51 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-15370"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 10434848251652343443
accept-ranges: bytes
content-length: 86896

GET
H2 200 9.jpg
s.isanook.com/ho/0/ud/14/73929/ 68 KB
68 KB 75ms
65ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/9.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ddbeb45f8afd9708a16744ef103d5d486617986fea04b210d2e0da5cff968eb1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:28 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-110b6"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 2663685214659444386
accept-ranges: bytes
content-length: 69814

GET
H2 200 10.jpg
s.isanook.com/ho/0/ud/14/73929/ 60 KB
60 KB 69ms
59ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/10.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c94a6469b701781fcb34e796fb1cb12aca51d7d40e22b5bfb55ad6bb273722a0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:29 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:15 GMT
server: Lego Server
age: 0
etag: "546da133-f111"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 17225043515424579941
accept-ranges: bytes
content-length: 61713

GET
H2 200 11.jpg
s.isanook.com/ho/0/ud/14/73929/ 89 KB
89 KB 106ms
96ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/11.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ce4c2d124173f37e90066917f1bacbc6e11fab1f0ef759dd1503cf476fae7f55

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:16 GMT
server: Lego Server
age: 0
etag: "546da134-1622c"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 11717340978699816350
accept-ranges: bytes
content-length: 90668

GET
H2 200 12.jpg
s.isanook.com/ho/0/ud/14/73929/ 48 KB
48 KB 72ms
61ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/14/73929/12.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 276e615f4ab2d52f232682d35351ab5f646ba23248a607f60a36c4e524e3e758

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Nov 2014 08:07:16 GMT
server: Lego Server
age: 0
etag: "546da134-c0f4"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 7460832796190302115
accept-ranges: bytes
content-length: 49396

GET
H2 200 6.jpg
s.isanook.com/ho/0/ud/12/60457/ 68 KB
68 KB 95ms
84ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/12/60457/6.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 96d18284e30220164e7ac592992880445021f902ef94a38b0bff74a5f0c76596

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 14 Jul 2014 10:59:44 GMT
server: Lego Server
age: 0
etag: "53c3b820-10e36"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 17018468565674023028
accept-ranges: bytes
content-length: 69174

GET
H2 200 7.jpg
s.isanook.com/ho/0/ud/12/60457/ 139 KB
139 KB 77ms
66ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/12/60457/7.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: eb9ccd12e0acef3f2796d75171e2445b09c70f2ffcd88299d4c40cf7b6f3f02e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 14 Jul 2014 10:59:44 GMT
server: Lego Server
age: 0
etag: "53c3b820-22a31"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 7497217713958095642
accept-ranges: bytes
content-length: 141873

GET
H2 200 9.jpg
s.isanook.com/ho/0/ud/12/60457/ 176 KB
177 KB 99ms
88ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/12/60457/9.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2e90a3c458995342dc35ed1c4261d0f9e306bd04892bbc82193dc19df84c73f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 03:51:51 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 14 Jul 2014 10:59:44 GMT
server: Lego Server
age: 0
etag: "53c3b820-2c12c"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 18260088931342663038
accept-ranges: bytes
content-length: 180524

GET
H2 200 10.jpg
s.isanook.com/ho/0/ud/12/60457/ 61 KB
61 KB 129ms
119ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/12/60457/10.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1612a879ca34514e60d3dd2907b0582e6b139018aa6cad45482c9e1beb2135ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 14 Jul 2014 10:59:44 GMT
server: Lego Server
age: 0
etag: "53c3b820-f29d"
content-type: image/jpeg
x-nws-log-uuid: 15854213693281842740
accept-ranges: bytes
content-length: 62109

GET
H2 200 15.jpg
s.isanook.com/ho/0/ud/12/60457/ 62 KB
62 KB 130ms
120ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/ud/12/60457/15.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f85ba02677ae937a3b83735d7f14892723dc418d03337420f8a5cc94b3965358

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Mon, 14 Jul 2014 10:59:44 GMT
server: Lego Server
age: 0
etag: "53c3b820-f7ef"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 1999776256416490742
accept-ranges: bytes
content-length: 63471

GET
H2 200 247154__22012009112618.png
s.isanook.com/gu/0/ui/1/6026/ 269 KB
270 KB 85ms
74ms Image
image/png 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ui/1/6026/247154__22012009112618.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a97b6c5e2fd5099738663d419af993ac433978a67d0b3ffddf59bff437517285

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:29 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 04 Feb 2015 05:18:02 GMT
server: Lego Server
age: 0
etag: "54d1ab8a-434c8"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 7108153343933572269
accept-ranges: bytes
content-length: 275656

GET
H2 200 1371094959.jpg
s.isanook.com/gu/0/ud/5/26893/ 190 KB
190 KB 84ms
73ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/1371094959.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b2c5b474a45aef937dac7768beacc1c6898c4135f22ba567132d8562ccb96e64

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:29 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:05:43 GMT
server: Lego Server
age: 0
etag: "533e67d7-2f6a3"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 11625355342715814745
accept-ranges: bytes
content-length: 194211

GET
H2 200 20140212214357.jpg
s.isanook.com/gu/0/ud/5/26893/ 43 KB
43 KB 97ms
87ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/20140212214357.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d8964649ea3ad14e6f1f15e1d05673ded9445c705a6b554cea25afaa91fb7558

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 03:51:52 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:11:29 GMT
server: Lego Server
age: 0
etag: "533e6931-aaf3"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 12579648453460562003
accept-ranges: bytes
content-length: 43763

GET
H2 200 large_Fig1a.jpg
s.isanook.com/gu/0/ud/5/26893/ 202 KB
202 KB 96ms
86ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/large_Fig1a.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 1facc3d40357e818e67129066b712dae6c2c47b765a9fa3f67d16c1cc92d087f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:29 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:14:59 GMT
server: Lego Server
age: 0
etag: "533e6a03-3280b"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 17397820631093608664
accept-ranges: bytes
content-length: 206859

GET
H2 200 Flower.jpg
s.isanook.com/gu/0/ud/5/26893/ 74 KB
74 KB 77ms
66ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/Flower.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: faa6f6be85c2e5f2c68cb7dfef6679100a8b0aab8a5c60aff938392ce267121c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:18:30 GMT
server: Lego Server
age: 0
etag: "533e6ad6-1269b"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 42793276989199037
accept-ranges: bytes
content-length: 75419

GET
H2 200 ttt.jpg
s.isanook.com/gu/0/ud/5/26893/ 12 KB
12 KB 122ms
112ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/ttt.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9910d82cb4f5d596bd45b6e19bee79bf3768c95042ec2c99bb3a4ed98a928d9a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:29 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:20:36 GMT
server: Lego Server
age: 0
etag: "533e6b54-2f65"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 8907394343749500228
accept-ranges: bytes
content-length: 12133

GET
H2 200 5717446.jpg
s.isanook.com/gu/0/ud/5/26893/ 30 KB
30 KB 130ms
120ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/5717446.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 381822fef2cfae9151c7834c38cc710ae813fa64e4f3b43b43452a43faa47bf7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:27:01 GMT
server: Lego Server
age: 0
etag: "533e6cd5-77e4"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 18051558519367678857
accept-ranges: bytes
content-length: 30692

GET
H2 200 simpoh_air2.jpg
s.isanook.com/gu/0/ud/5/26893/ 51 KB
51 KB 96ms
85ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/simpoh_air2.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b6f5c53039a60be477dd6410d551398bcb7337a2c2e06f47aa96bdbfa32166bf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 04:43:43 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "533e6d56-ccea"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 7339848011625305054
accept-ranges: bytes
content-length: 52458
expires: Mon, 23 Jan 2023 04:48:43 GMT

GET
H2 200 90135160.jpg
s.isanook.com/gu/0/ud/5/26893/ 47 KB
48 KB 95ms
85ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/90135160.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 07e976be75f87daa3b959f50111e9394e8dd1e1f68e141ea53d13adfabd130dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 03:51:52 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:32:25 GMT
server: Lego Server
age: 0
etag: "533e6e19-bd95"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 4013711028364273958
accept-ranges: bytes
content-length: 48533

GET
H2 200 Jasmin_Sambac_-_The_Phi.jpg
s.isanook.com/gu/0/ud/5/26893/ 119 KB
120 KB 122ms
112ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/Jasmin_Sambac_-_The_Phi.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3bf480e30420852b67b66a7d9e1aa2946aa059aec0829d559f7d32e5a2dda091

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:29:29 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:35:32 GMT
server: Lego Server
age: 0
etag: "533e6ed4-1ddcb"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 1555073418001924855
accept-ranges: bytes
content-length: 122315

GET
H2 200 Y7333684-27.jpg
s.isanook.com/gu/0/ud/5/26893/ 24 KB
24 KB 107ms
96ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/gu/0/ud/5/26893/Y7333684-27.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b8fff16dd7907623fcd1ed926716f74c1594888a2bcc052913d573b2fd2c77dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:57:13 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 04 Apr 2014 08:37:11 GMT
server: Lego Server
age: 0
etag: "533e6f37-5f88"
content-type: image/jpeg
cache-control: s-maxage=10
x-nws-log-uuid: 15541308847626173466
accept-ranges: bytes
content-length: 24456

GET
H2 200 banner_read.jpg
s.isanook.com/sr/0/images/event-banner/2023/valentine/ 96 KB
96 KB 123ms
112ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/event-banner/2023/valentine/banner_read.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 920ae7f1ce70a2c0e6ea23b2a5a30f8051b62e22289a533b236be9c5383fd3ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:23 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:08 GMT
server: Lego Server
age: 0
etag: "63edb36c-17edd"
content-type: image/jpeg
x-nws-log-uuid: 15726039221457097029
accept-ranges: bytes
content-length: 98013

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMTEvNTYyMzMvcHJheS0yMDE5LmpwZw==.jpg
s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/ 7 KB
8 KB 97ms
87ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMTEvNTYyMzMvcHJheS0yMDE5LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9da7ecafa40670fd96045ab42990e63dbb8a84ea7aa1ed63f8a09f295d2bade5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:18:50 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 8831
server: Lego Server
age: 0
etag: W/"PSA-aj-Kxn7aDpPX8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2564473
x-nws-log-uuid: 11588961082308124250
accept-ranges: bytes
content-length: 7533
expires: Fri, 17 Mar 2023 23:40:04 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMTEvNTk1MDEvdG9yLmpwZw==.jpg
s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/ 11 KB
11 KB 107ms
97ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMTEvNTk1MDEvdG9yLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 5e5ed6e83c7b2b84cbe3ddc65f0fe13d3e786b452df2f0ee9cf9b0c2ffd71814

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:18:50 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 13130
server: Lego Server
age: 0
etag: W/"PSA-aj-Qyezl8ljzW"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2466886
x-nws-log-uuid: 10022773705236363352
accept-ranges: bytes
content-length: 10865
expires: Thu, 16 Mar 2023 20:33:37 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMjgvMTQzNDMzL3RoLmpwZw==.jpg
s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/ 19 KB
20 KB 107ms
96ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMjgvMTQzNDMzL3RoLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a016eb6f574b9e648bf030da474ee0649ef6f217024c35f39a30def748f4a2b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 01:47:21 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 26763
server: Lego Server
age: 0
etag: W/"PSA-aj-92K24QzHCm"
content-type: image/jpeg
access-control-allow-origin: *
x-nws-log-uuid: 7197326070388544184
accept-ranges: bytes
content-length: 19967
expires: Wed, 08 Feb 2023 01:39:42 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMS81NDQxL3RodW1ibmFpbC1wcmF5LmpwZw==.jpg
s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/ 10 KB
10 KB 98ms
88ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMS81NDQxL3RodW1ibmFpbC1wcmF5LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 57b375711eee7dc32c1eca072c8749ba0b352e7126c5ffe89b6deacb721451a1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:19:03 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15418527522079158621
accept-ranges: bytes
content-length: 9866
expires: Sat, 18 Mar 2023 07:19:03 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMjkvMTQ5NTg5L3RuLWRlYWRib2R5LmpwZw==.jpg
s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/ 8 KB
9 KB 122ms
112ms Image
image/jpeg 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/ho/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2hvLzAvdWQvMjkvMTQ5NTg5L3RuLWRlYWRib2R5LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e0cbadc6c3e259c9431960653f992baaaf4ddfd9ce21c4d35679c983004e7e06

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:39:29 GMT
x-cache-lookup: Cache Hit
x-original-content-length: 9981
server: Lego Server
age: 0
etag: W/"PSA-aj-prD8KS0Xys"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2591967
x-nws-log-uuid: 10985787591546686833
accept-ranges: bytes
content-length: 8651
expires: Sat, 18 Mar 2023 08:38:57 GMT

GET
H2 200 1489944661112333 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 15ms
3ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

233152a1e30eba48f0ac0db543a04fdb61987557b8823d1f9ba17964ddfd2f55

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Feb 2023 18:30:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110244
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: P7Datw7lpLdEAegjXcUSkaED7zQAIq387wNlmKuIUblHDv9Hha2XRvW8Mv1VJXg1GrXk5Rd4V/rEnxrfdeiKIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo-sanook-n.svg
s.isanook.com/sr/0/images/ 11 KB
5 KB 87ms
83ms Image
image/svg+xml 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 10:04:34 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:07 GMT
server: Lego Server
age: 0
etag: W/"63edb36b-2b18"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 7086386180287903007
accept-ranges: bytes
content-length: 4394
expires: Sat, 18 Mar 2023 10:04:34 GMT

GET
H2 200 base-icon-v1.0.40.woff2
s.isanook.com/sr/0/fonts/icon/ 37 KB
37 KB 60ms
30ms Font
application/octet-stream 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.40.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: da3e41a40c61371c6c94accdf44aa7448a60acb11f15a2a8068a5b635863018c

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:38:54 GMT
server: Lego Server
age: 0
etag: W/"63edb35e-94a0"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 10628418348970568298
accept-ranges: bytes
content-length: 37976
expires: Sat, 18 Mar 2023 07:22:24 GMT

GET
H2 200 SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
31 KB 39ms
9ms Font
application/octet-stream 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 10:49:19 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:38:55 GMT
server: Lego Server
age: 0
etag: W/"63edb35f-7a90"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 473420398627894546
accept-ranges: bytes
content-length: 31404
expires: Sat, 18 Mar 2023 10:49:19 GMT

GET
H2 200 prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 38ms
9ms Font
application/octet-stream 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:38:54 GMT
server: Lego Server
age: 0
etag: W/"63edb35e-c8dc"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 3818594358495912966
accept-ranges: bytes
content-length: 51458
expires: Sat, 18 Mar 2023 07:22:25 GMT

GET
H2 200 prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 52 KB
52 KB 46ms
16ms Font
font/woff2 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:25 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:38:54 GMT
server: Lego Server
age: 0
etag: "63edb35e-cf40"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 2137799309786843161
accept-ranges: bytes
content-length: 53056
expires: Sat, 18 Mar 2023 07:22:25 GMT

GET
H2 200 prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
50 KB 40ms
13ms Font
font/woff2 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:25 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:38:54 GMT
server: Lego Server
age: 0
etag: "63edb35e-c930"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 9977152180427556198
accept-ranges: bytes
content-length: 51504
expires: Sat, 18 Mar 2023 07:22:25 GMT

GET
H2 200 SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
32 KB 35ms
7ms Font
font/woff2 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 02:56:09 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 15 Feb 2023 07:14:10 GMT
server: Lego Server
age: 15975
etag: "63ec8642-7df4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 18416630379985470700
accept-ranges: bytes
content-length: 32244
expires: Sat, 18 Mar 2023 02:56:09 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 86ms
4ms Script
application/javascript 13.33.88.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-81.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 19:59:56 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 81031
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: aRe3uUtoygqfn3b64VNZ8aN-kIgft9G4VJDTM3O8VSbxGl7YZj_fZA==

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ 537 B
551 B 4ms
3ms Script
application/javascript 43.132.80.30
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.80.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 17 May 2017 08:37:40 GMT
server: Lego Server
etag: "591c0bd4-219"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1140675480680362169
accept-ranges: bytes
content-length: 363

GET
H2 200 db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js Show response
s.isanook.com/sr/0/js/izooto/ 209 KB
54 KB 4ms
4ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:28:51 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:19 GMT
server: Lego Server
age: 0
etag: W/"63edb377-34574"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14381753960414215967
accept-ranges: bytes
content-length: 55174
expires: Sat, 18 Mar 2023 09:28:51 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 2 MB
243 KB 17ms
4ms Script
application/javascript 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 03f954ef72361bc3428332f072bc02300b970823ece1209773c51e9519bfcd90

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: gzip
last-modified: Thu, 09 Feb 2023 08:11:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=49459
accept-ranges: bytes
content-length: 247767
expires: Mon, 20 Feb 2023 08:14:38 GMT

GET
H2 200 1721.746d3b3ba098fce194ce.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 6 KB
2 KB 3ms
3ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1721.746d3b3ba098fce194ce.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-edc13bdae358b1494d8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e95e27fe43272620b86647bc34a5e99608eac3cda2a6c8bf95221b11ee0a8b0c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 6266
server: Lego Server
age: 923016
etag: W/"63dcc909-187a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 17742418840957886950
accept-ranges: bytes
content-length: 2116
expires: Tue, 07 Mar 2023 13:43:57 GMT

GET
H2 200 2481.dcf19fe8839f8737d536.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 4 KB
2 KB 3ms
2ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2481.dcf19fe8839f8737d536.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-edc13bdae358b1494d8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 3810
server: Lego Server
age: 257
etag: W/"63edb359-ee2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 12117367039466630011
accept-ranges: bytes
content-length: 1425
expires: Sat, 18 Mar 2023 05:30:27 GMT

GET
H2 200 950.268be4686f34540c2906.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 97 KB
20 KB 18ms
18ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/950.268be4686f34540c2906.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-edc13bdae358b1494d8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9e06da0bcecb5c3543ff295850c81e14dc9e0b6e28cccf39dae72e88c2ae1a2d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 09 Feb 2023 03:19:14 GMT
server: Lego Server
age: 618861
etag: W/"63e46632-18451"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 10519245661221893575
accept-ranges: bytes
content-length: 20211
expires: Sat, 11 Mar 2023 03:28:07 GMT

GET
H2 200 2437.9e6c8584339c5949c677.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 1 KB
1012 B 3ms
2ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2437.9e6c8584339c5949c677.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-edc13bdae358b1494d8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 09 Feb 2023 03:19:14 GMT
server: Lego Server
age: 603397
etag: W/"63e46632-586"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14935758229210910813
accept-ranges: bytes
content-length: 791
expires: Sat, 11 Mar 2023 07:45:51 GMT

GET
H/1.1 200
OK set Show response
appx.sanook.com/counter/ 47 B
247 B 291ms
75ms Script
application/javascript 203.151.130.24
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://appx.sanook.com/counter/set?site_name=horoscope&entry_id=73929&t=1676831419525&callback=jsonp_1676831419572_99402
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/4618-3d771c0818823fd8f756.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.130.24 Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 24.130.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: ef62cc8e311db6e036fae6091ba981508de03f1cfa5def4230d5911f66a58966

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:19 GMT
Cache-Control: s-maxage=10
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 responsive-voice-1.0.3.min.js Show response
s.isanook.com/sr/0/js/voice/ 90 KB
22 KB 4ms
3ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-0dcb0f848029a84e4847.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 92456
server: Lego Server
age: 1200078
etag: W/"63db6ca0-16928"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 8023118313046378382
accept-ranges: bytes
content-length: 22234
expires: Sat, 04 Mar 2023 09:38:12 GMT

GET
H2 400 /
graph.facebook.com/ 202 B
0 215ms
202ms Fetch
application/json 2a03:2880:f00c:20d:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3410-9fd10924631dd94a6d1c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:20d:face:b00c:0:2 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date: Sun, 19 Feb 2023 18:30:19 GMT
x-fb-rev: 1006984962
alt-svc: h3=":443"; ma=86400
content-length: 149
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3RWpwUvrLeyTbY859gFgpU6Ie900uDW2gp14BpeYnDyGeVaamB5CzX8tIKxvh1c9FIqYXHl3ERLhj1Hq+4pUTw==
x-fb-trace-id: ChQy5TudQHk
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AVVWMKgI_kUGrukQ24QXEGj
cache-control: no-store
facebook-api-version: v9.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/4618-3d771c0818823fd8f756.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87457a044837af6b1f22d2a2f9b699132ff59b05a0a772a374e65d1d04108d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 18:30:19 GMT
content-md5: uXS+z85lZ7vGp0s6VBZdzg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: y4Zv0XFH8eKRFZGuFdQoyDMY89HryOh2VjKHmLjYiSG0oV2AWvSlljWSe1Q7JMO+8HV4jZKKzXU/k7ZPgsBq3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c33c39866420a0c2ed8703bc374727b4
cross-origin-opener-policy: same-origin-allow-popups
etag: "ea25dd34dbd36cd17dd330a5a9b55fdc"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Feb 2023 18:46:06 GMT

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 50E0 236 B
386 B 60ms
60ms Document
text/html 43.132.80.30
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-0dcb0f848029a84e4847.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.80.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 495
cache-control: no-cache, max-age=0
content-encoding: gzip
content-length: 192
content-type: text/html
date: Sun, 19 Feb 2023 18:22:04 GMT
server: Lego Server
vary: Accept-Encoding
x-cache-lookup: Cache Miss Hit From Inner Cluster
x-nws-log-uuid: 8761529297773823531
x-page-speed: 1.13.35.2-0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/sanook/ 641 KB
59 KB 15ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/2995-71ba132be664ea70ff78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c8ee7ca84b95afc26e66a6933136308ab2f52ff63cdcb91c98c4deb95256321

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: bTIzJvLp8WEEHmvpHNDecr9lO_70WEMY
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:19 GMT
x-amz-request-id: WWQNT5QQXNAE75R7
age: 7387
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 12
x-amz-replication-status: FAILED
content-length: 59729
x-amz-id-2: rh/5PDWGAFUCs0DejWWYXuEAgpE65lr/u5l/zhbuv3+OVzkAwUR6QCw7WHOqnbmitxe1PRUwqK8=
x-served-by: cache-qpg1249-QPG
last-modified: Sun, 19 Feb 2023 13:23:14 UTC
server: nginx
x-timer: S1676831420.632191,VS0,VE1
etag: "77e92c06f43cffca288c1376660ed4e32fd4e3f2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 10
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 abbreviationv2.min.json Show response
s.isanook.com/sr/0/textToSpeech/ 14 KB
3 KB 3ms
3ms XHR
application/json 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/textToSpeech/abbreviationv2.min.json?t=19022023
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 06:51:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 13 Feb 2023 02:09:54 GMT
server: Lego Server
age: 0
etag: "63e99bf2-38e8"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4054097697979640546
accept-ranges: bytes
content-length: 2550
expires: Wed, 15 Mar 2023 06:51:39 GMT

GET
H2 200 cookiepolicy.png
s.isanook.com/sr/0/images/ 17 KB
17 KB 4ms
3ms Image
image/png 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:30 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:01 GMT
server: Lego Server
age: 0
etag: "63edb365-428b"
content-type: image/png
x-nws-log-uuid: 3336597137816909278
accept-ranges: bytes
content-length: 17035

GET
H/1.1 200
OK sanook_trend Show response
sloth-api.sanook.com/api/ 671 B
1 KB 247ms
33ms XHR
application/json 203.151.130.72
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sloth-api.sanook.com/api/sanook_trend?channel=horoscope&t=465786
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.130.72 Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 72.130.151.203.sta.inet.co.th
Software: nginx / Express
Resource Hash: 3dac891cba198eab73846f185555ac2c4901f19b416979787f811094fcc094ad

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

X-Response-Time: 2.701ms
Date: Sun, 19 Feb 2023 18:30:19 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"29f-HsVGk9doU8ucACzxDBvbroIiswU"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 671
Expires: Tue, 21 Mar 2023 18:30:19 GMT

GET
H2 200 logo-sanook-app02.svg
s.isanook.com/sr/0/images/icon/ 6 KB
2 KB 4ms
3ms Image
image/svg+xml 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/icon/logo-sanook-app02.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:02 GMT
server: Lego Server
age: 0
etag: W/"63edb366-183b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 15656817448715809714
accept-ranges: bytes
content-length: 2091
expires: Sat, 18 Mar 2023 07:22:27 GMT

GET
H2 200 ico-ios.svg
s.isanook.com/sr/0/images/icon/ 3 KB
1 KB 4ms
4ms Image
image/svg+xml 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/icon/ico-ios.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:02 GMT
server: Lego Server
age: 0
etag: W/"63edb366-b27"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 674697265867214507
accept-ranges: bytes
content-length: 982
expires: Sat, 18 Mar 2023 07:22:27 GMT

GET
H2 200 ico-android.svg
s.isanook.com/sr/0/images/icon/ 5 KB
2 KB 5ms
4ms Image
image/svg+xml 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/icon/ico-android.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 16 Feb 2023 04:39:02 GMT
server: Lego Server
age: 0
etag: W/"63edb366-12a2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 9991889030962086104
accept-ranges: bytes
content-length: 1400
expires: Sat, 18 Mar 2023 07:22:27 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0ABA 15 KB
6 KB 13ms
4ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 328640
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 14ms
4ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&rl=&if=false&ts=1676831419724&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676831419723.305594148&it=1676831419007&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Feb 2023 18:30:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 goggen.php
lvs2.truehits.in.th/ 91 B
292 B 30ms
29ms Image
image/jpeg 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=dkh9CMJwbaDG3FxX4MSlxg%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=83E8F0A8.1&fp=d&fv=-&truehitspage=sanook.horoscope.entry&truehitsurl=https%3a//www.sanook.com/horoscope/73929/&async=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:19 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H/1.1 200
OK c
sal.isanook.com/sa/ 35 B
355 B 31ms
31ms Image
image/gif 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=1045101349&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&dp=%2Fhoroscope%2F73929%2F&ul=en-us&de=UTF-8&dt=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=988410274.1676831420&tid=SA-8147095-6&cd4=0&cd8=b&z=1913139036
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Nonthaburi, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:19 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 50E0 8 KB
3 KB 9ms
9ms Script
application/javascript 43.132.80.30
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.80.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 18 Nov 2016 04:14:33 GMT
server: Lego Server
etag: "582e8029-1e6a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 1279075986276134167
accept-ranges: bytes
content-length: 2483

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 115 KB
45 KB 20ms
6ms Script
application/javascript 2404:6800:4003:c00::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efa139fef841237c2a9ba7ca16a996fc34d43c9a67b498fe2b61de2c78f79055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 18:30:19 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ 2 KB
2 KB 27ms
8ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1676831419848&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&value=0&bttype=purchase&auid=2123472593.1676831420&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

fde613ee6ab59ba33b03ae2ba4223575771ff42241244da7134a5873c924f22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 2 KB
1 KB 74ms
54ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1676831419865&cv=11&fst=1676831419865&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&auid=2123472593.1676831420&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2063660c3bdeb370acfcd6445e0b0b07d6d2fbb4b60059ff967d30584a1ab416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 934
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0ABA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=XRm4Inw1VXlvNUxiR3IrYlFXaGxGMkE0aWUwN3E4RmlkYXZDZ0NtZm1BOUtpd0U2NjRXRlRTbDN3QkJiN2lvRitPeFBBSVN2UUFmeCtJbFhKWTBCWExZZ3lmMUJ0ejhaZzhGdHdYT2poam9GUVREcC93Z1phY2JzM0h3Zl...

433 B
666 B

199ms
6ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XRm4Inw1VXlvNUxiR3IrYlFXaGxGMkE0aWUwN3E4RmlkYXZDZ0NtZm1BOUtpd0U2NjRXRlRTbDN3QkJiN2lvRitPeFBBSVN2UUFmeCtJbFhKWTBCWExZZ3lmMUJ0ejhaZzhGdHdYT2poam9GUVREcC93Z1phY2JzM0h3ZlJBNTJLVXAvZFR6Zkd4Q3VQMk5xTGs2ZGJnRzNta0dwWUY0dmdRNDRWTktHTGl4Y25Fb1RHQk1GSTE5ZWliMkZ2UVNNMDNzQUUrTjdveG5iTEl6MXhRZjZWOGVxaWhrU21aUTB6d3ErQXhDOFNBTENvOVBNODNhMW9KWTZIWENlN0dWTkJ4NmNPRGg3ZWZLUG9iTG5MQ0MyNzVMWElkdz09fA&cppv=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

40ede4e5232259d8060c3f57afbd7acc197f85ec15ed86e4cb0a9176b2351a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2387108
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XRm4Inw1VXlvNUxiR3IrYlFXaGxGMkE0aWUwN3E4RmlkYXZDZ0NtZm1BOUtpd0U2NjRXRlRTbDN3QkJiN2lvRitPeFBBSVN2UUFmeCtJbFhKWTBCWExZZ3lmMUJ0ejhaZzhGdHdYT2poam9GUVREcC93Z1phY2JzM0h3ZlJBNTJLVXAvZFR6Zkd4Q3VQMk5xTGs2ZGJnRzNta0dwWUY0dmdRNDRWTktHTGl4Y25Fb1RHQk1GSTE5ZWliMkZ2UVNNMDNzQUUrTjdveG5iTEl6MXhRZjZWOGVxaWhrU21aUTB6d3ErQXhDOFNBTENvOVBNODNhMW9KWTZIWENlN0dWTkJ4NmNPRGg3ZWZLUG9iTG5MQ0MyNzVMWElkdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 338796
content-length: 0
expires: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1676831419905&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&c8=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%...
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1676831419905&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&c8=%E0%B8%94%E0%B8%AD%E0%B8%81%E0...

0
190 B

315ms
310ms

Image
text/plain

13.33.88.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1676831419905&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&c8=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&c9=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 13.33.88.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-81.sin2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-amz-cf-id: gfl_-8wTSmEkTx9dwulL0Mz_MCfn87pvFYR98ISEkZK-nrHTkwPwOw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=14617386&cs_it=b3&cv=3.8.0.210223&ns__t=1676831419905&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&c8=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&c9=
date: Sun, 19 Feb 2023 18:30:20 GMT
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
content-length: 0
x-amz-cf-id: 6546kaH1EX7udEkngrZ7GttMc9qFiqzjlGvpD2fbBcD8clfAT4yVAA==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ 8 KB
4 KB 31ms
3ms Script
application/javascript 104.70.97.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.70.97.166 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-97-166.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.20.2
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=874052
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3217
Expires: Wed, 01 Mar 2023 21:17:51 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 9CD4 4 KB
1 KB 32ms
18ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.11.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
age: 1065710
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 79c112b69e4b8974-SIN
content-encoding: br
content-type: text/html
date: Sun, 19 Feb 2023 18:30:19 GMT
expires: Wed, 22 Mar 2023 18:30:19 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 cover_sanook_horoscope(66).jpg
s.isanook.com/ho/0/ud/48/244549/ 4 KB
4 KB 5ms
4ms Image
image/webp 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ho/0/ud/48/244549/cover_sanook_horoscope(66).jpg?ip/crop/w140h85/q80/webp

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

442a86c02c0a7801b86a0a994f4ff4240865e3c188d251a5d26ae48af4f73a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 06:32:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/webp
x-nws-log-uuid: 17770763899952978564
accept-ranges: bytes
content-length: 3900

GET
H2 200 1_cover_sanook_horoscope(78).jpg
s.isanook.com/ho/0/ud/49/246801/ 4 KB
4 KB 5ms
4ms Image
image/webp 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ho/0/ud/49/246801/1_cover_sanook_horoscope(78).jpg?ip/crop/w140h85/q80/webp

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

6f2750a2150694ab469f2851d0bf0176f7145e321473894093fe67f8e79b20ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 02:45:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/webp
x-nws-log-uuid: 13713381036142399386
accept-ranges: bytes
content-length: 3622

GET
H2 200 sanook_thumbnail_1200x720(19.jpg
s.isanook.com/ho/0/ud/44/222761/ 3 KB
3 KB 9ms
8ms Image
image/webp 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/ho/0/ud/44/222761/sanook_thumbnail_1200x720(19.jpg?ip/crop/w140h85/q80/webp

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

5750b096f6f5c1df1a3cd39efa01565d3740490a1cdea19f957989e5a604633d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:32:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/webp
x-nws-log-uuid: 1421050504441494714
accept-ranges: bytes
content-length: 3426

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 14ms
5ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=615fc7ab64b1375d18d86b10c9bef54e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9022e99c009d556ab38c906996b36d4b0d0a1b61991e64e42d0643334bb17603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 18:30:19 GMT
content-md5: /LUp/BIMVfn96o43o+Nv8g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88487
x-fb-rlafr: 0
x-fb-debug: OsoAyvw3XGQLTdaTvvTT79LKz5qWroBBoSUlQCOhuh4KyDhYullz81AyTBT6Yq3PK5ALKiXFsBo1eG/QVui9sw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 897604c3406f1c8a73ad5f6420bb539b
cross-origin-opener-policy: same-origin-allow-popups
etag: "67d16cdb781bc55d65dd86cb4c26b381"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Feb 2024 15:16:29 GMT

GET
H2 200 speech.gif
s.isanook.com/sr/0/images/icon/ 2 KB
2 KB 7ms
2ms Image
image/gif 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/icon/speech.gif
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:21:59 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "63edb366-60d"
content-type: image/gif
x-nws-log-uuid: 7381572858931126223
accept-ranges: bytes
content-length: 1549
expires: Thu, 16 Feb 2023 07:26:59 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/sanook/ 4 KB
2 KB 30ms
13ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/sanook/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7ee4f41b39dfed3411ad9f0b8055fc197bc1256584ccb79590393a29de97793

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: eUbOVDcouU8H_.y5ft_onJEawQ169roK
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 19 Feb 2023 18:30:20 GMT
x-amz-request-id: AVK825NFP0FBAVXK
age: 199
x-cache: HIT, HIT
content-length: 1318
x-amz-id-2: dx1Tz9Vou/vANtlMrgBwWiQKQ8kigXMWrwfWpBk4X+Zt3nyHjfEyGt8D/5QFKQjyJJx3MbPXtAA=
x-served-by: cache-bur-kbur8200164-BUR, cache-qpg1271-QPG
last-modified: Fri, 23 Dec 2022 09:20:29 GMT
server: AmazonS3
x-timer: S1676831420.026647,VS0,VE1
etag: "37ffca2bcc6f66d91cc0754a6557e8a4"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 impl.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.js Show response
cdn.taboola.com/libtrc/ 728 KB
152 KB 5ms
3ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 47a72d958dc8510fa1df1510e7ab7c50420887875fc7b28a6662715df9330274

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: qE2ysBN0jvwAKSqdIiEr4Qvl8ue8NjnT
content-encoding: br
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:20 GMT
x-amz-request-id: B1Q6XENSSRXSDFH6
age: 17658
x-cache: HIT
content-length: 155336
x-amz-id-2: /iW2tKIHVNoB6OVJakYG/HZZEPqjMzO/+UQNypBTvD1aVofjjCfNUwWlazlqlfZrWmG4aXsjviw=
x-served-by: cache-qpg1249-QPG
last-modified: Wed, 15 Feb 2023 13:27:07 GMT
server: AmazonS3-br
x-timer: S1676831420.011740,VS0,VE0
etag: "bb25611bace30ee045fa3e25007047f4"
vary: Accept-Encoding
content-type: application/javascript
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 344

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
79 B 10ms
9ms Image
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=display-desktop1_var
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: cache-qpg1249-QPG
date: Sun, 19 Feb 2023 18:30:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676831420.011984,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2

200

/
www.google.com.sg/pagead/1p-conversion/1007499765/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXz...
https://www.google.com/pagead/1p-conversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleads...
https://www.google.com.sg/pagead/1p-conversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.google...

42 B
108 B

18ms
18ms

Image
image/gif

2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-conversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&value=0&auid=2123472593.1676831420&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0s3SG53WVE3c0dieFkzZGxid2JFaVlBVGJwVnNlaVBZT3piZkR4MTJBN1BKbzFyWnNKQXJldkdnWTlSb2VEd3JjclVuY3MwYlEaWkNoRUlnSzdIbndZUTJwZnYwOS1NaFlTU0FSSXVBSWQwWmVxb2JoQmRGNS1DaE1jZl9UV1J2OWY1ay15TnJjazRyeU5RSFVfYm5CcElFMGZEajMtYnhBMGszUQ&is_vtc=1&ocp_id=u2ryY_WNNpiO9fwPhbao2AU&cid=CAQSKQDUE5ymzUqJpaFEg96Kuyf2DO4K_LVE-_jv0hatH1A7GheD9L3IGIWH&eitems=ChEIgK7HnwYQmJaD7dX39JPaARIdAOUsi1xNo75BqX6V0gQ34wE-vPjlEVrvn5QX04E&random=365403267&ipr=y&prhg=0

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.sg/pagead/1p-conversion/1007499765/?random=194288330&cv=11&fst=1676831419848&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&value=0&auid=2123472593.1676831420&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0s3SG53WVE3c0dieFkzZGxid2JFaVlBVGJwVnNlaVBZT3piZkR4MTJBN1BKbzFyWnNKQXJldkdnWTlSb2VEd3JjclVuY3MwYlEaWkNoRUlnSzdIbndZUTJwZnYwOS1NaFlTU0FSSXVBSWQwWmVxb2JoQmRGNS1DaE1jZl9UV1J2OWY1ay15TnJjazRyeU5RSFVfYm5CcElFMGZEajMtYnhBMGszUQ&is_vtc=1&ocp_id=u2ryY_WNNpiO9fwPhbao2AU&cid=CAQSKQDUE5ymzUqJpaFEg96Kuyf2DO4K_LVE-_jv0hatH1A7GheD9L3IGIWH&eitems=ChEIgK7HnwYQmJaD7dX39JPaARIdAOUsi1xNo75BqX6V0gQ34wE-vPjlEVrvn5QX04E&random=365403267&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 17ms
5ms Script
text/javascript 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 18:01:40 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1720
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Feb 2023 20:01:40 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 12ms
8ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27bc7c9ca5cd564a5ff5b6099e48c8b40b872003f6ca8cb96384e33cf4d52f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26546
x-xss-protection: 0
server: sffe
etag: "1487 / 279 of 1000 / last-modified: 1676675218"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 18:30:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 13ms
12ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f393acdbcd4082abb4597e279f54f83103d7da847dea56c62334a46a51f56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 18:30:20 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/408516141/ 42 B
455 B 19ms
10ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1676831419865&cv=11&fst=1676829600000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&fmt=3&is_vtc=1&random=488117396&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/408516141/ 42 B
455 B 21ms
8ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/408516141/?random=1676831419865&cv=11&fst=1676829600000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tiba=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94&fmt=3&is_vtc=1&random=488117396&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 9ms
8ms Script
application/javascript 104.70.97.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.70.97.166 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-97-166.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2105982
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6407
Expires: Thu, 16 Mar 2023 03:30:02 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 10ms
4ms Script
application/javascript 104.70.97.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.70.97.166 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-97-166.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.2
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=289144
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Thu, 23 Feb 2023 02:49:24 GMT

GET
H2 200 pmk-20220605.22.js Show response
widget.perfectmarket.com/sanook/ 115 KB
31 KB 3ms
2ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/sanook/pmk-20220605.22.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/sanook/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2aa0d6ce76a1480cff99e6e5a7e9409fd809d016f86146aea4bbc5be1c8dc63

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: MaA_Qs_aw5P0BT4NidpIivap6TziEOxC
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 19 Feb 2023 18:30:20 GMT
x-amz-request-id: YXQY0MYJFEF85VMA
age: 5044191
x-cache: HIT, HIT
content-length: 31815
x-amz-id-2: yK7RipPuRpZ6Yai+tJqurP/Jd7XWO+708WJXQ3qypEMiOIgfWiR6TP4/Roc+bM2muYPbWABlLS0=
x-served-by: cache-lax10681-LGB, cache-qpg1271-QPG
last-modified: Fri, 23 Dec 2022 09:20:28 GMT
server: AmazonS3
x-timer: S1676831420.135105,VS0,VE0
etag: "fa07e86e18459d4b1038b9d310a495b1"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 96074

GET
H2 200 like.php Show response
www.facebook.com/v2.9/plugins/ Frame 299D 36 KB
15 KB 253ms
253ms Document
text/html 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df240edf36ea1cf8%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1a586d0fa522c4%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookhoroscope%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=615fc7ab64b1375d18d86b10c9bef54e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c38adfddb21bad700dff798723485e0dd97531f915e6b48a978843faf5e5955

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 19 Feb 2023 18:30:20 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 1WH8hvMCVc/i8pMvN3MWjdXOXXUn7Y8D6CFnxEI2IkCEi2yYBdVeI8RW+TEdWspPrlBjzooaBRFAdaKThF6pvg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 pubads_impl_2023021501.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 18ms
4ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21383a108fc0f4840b90610def8622f8af1fde2c2833693d61a1f91c075d25d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 13:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132205
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 09:35:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 13:40:10 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 6 KB
1 KB 17ms
6ms XHR
application/json 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5344afc6c83831275918591131fb80d4f1f89ace1ac721018e5aa4e67d5c106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:20 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 73 B
314 B 6ms
5ms Script
text/javascript 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

844138b7258929cc38154cb3a3e3797405bb74fe75ee6c60efcd525f8b87c144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1598516
expires: 60

GET
H2 200 json Show response
trc.taboola.com/sanook/trc/3/ 71 KB
21 KB 428ms
422ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sanook/trc/3/json?tim=18%3A30%3A20.207&lti=display-desktop1_var&data=%7B%22id%22%3A21%2C%22ii%22%3A%22%2Fhoroscope%2F73929%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1676802398624%2C%22vi%22%3A1676831420204%2C%22cv%22%3A%2220230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A10377%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22vpi%22%3A%22%2Fhoroscope%2F73929%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A24326%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A24325.828125%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fhoroscope%2F73929%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22display-desktop1_var%22%7D&llvl=2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 76e616ecb42e88feda75451083a89fb7ebd1db8e73296f1bb74f695f312cfb2e

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 417
date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-qpg1249-QPG
server: nginx
x-timer: S1676831420.215271,VS0,VE417
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.sanook.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 5ms
5ms XHR
text/plain 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1861498327&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&ul=en-us&de=UTF-8&dt=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAEK~&jid=1636501047&gjid=915612275&cid=435404951.1676831420&tid=UA-8147095-6&_gid=484108671.1676831420&_r=1&_slc=1&gtm=45He32f0n81PNXLXRS&cd1=kanittha&cd2=S!%20Horoscope&cd3=reading&cd4=0&cd12=1676831420031.1ot275j8&cd13=%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89&cd14=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5&cd15=73929&cd16=editorial&cd19=S!%20Horoscope&cd21=12038&cd22=horoscope&cd23=readpage&cd33=%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%2C%20%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%2C%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%2C%20%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%2C%20%E0%B8%AA%E0%B8%B1%E0%B8%8D%E0%B8%A5%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%93%E0%B9%8C%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%2C%20%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%E0%B8%A7%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%B4%E0%B8%94%2C%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%2C%2012%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5&cd34=article&cd35=S!%20Horoscope&cd36=reading&cd43=0&cm5=1&z=1947687704

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/sanook/log/3/ 0
246 B 36ms
3ms XHR
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/sanook/log/3/bulk-metrics?lti=display-desktop1_var&bulkSize=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 24ms
4ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je32f0&_p=1861498327&_gaz=1&cid=435404951.1676831420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&sid=1676831420&sct=1&seg=0&dt=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
140 B 13ms
3ms Ping
text/plain 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=435404951.1676831420&gtm=45je32f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 16ms
11ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=435404951.1676831420&gtm=45je32f0&aip=1&z=545784212

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
707 B 26ms
5ms Script
application/javascript 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 33e528cf2cce84cc35039304d9f7f696b4e0fee36d1af02cd6c807ad374bd6e6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:20 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 18:30:20 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BAA7 0
18 B 5ms
2ms Document
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.sanook.com
Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.sanook.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:20 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
29 B 6ms
5ms XHR
text/plain 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-8147095-6&cid=435404951.1676831420&jid=1636501047&gjid=915612275&_gid=484108671.1676831420&_u=YEBAAEAAQAAAACAEK~&z=1614239086

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Feb 2023 18:30:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 9ms
7ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-8147095-6&cid=435404951.1676831420&jid=1636501047&_u=YEBAAEAAQAAAACAEK~&z=283135884

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 9ms
9ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-8147095-6&cid=435404951.1676831420&jid=1636501047&_u=YEBAAEAAQAAAACAEK~&z=283135884

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 175 B
434 B 92ms
16ms XHR
application/json 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=37627477544

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e554821ee82e6532021e972565b4485d95f356e725904a1c670919d29b3cb619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 166

POST
H2 200 cdb Show response
bidder.criteo.com/ 176 B
434 B 91ms
18ms XHR
application/json 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=78786125428

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

01ce8cbb4eda125c7cc74d699954a6b3d5e43dd0b227029e5295bc0d96629284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 166

POST
H2 200 cdb Show response
bidder.criteo.com/ 171 B
432 B 89ms
17ms XHR
application/json 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=37358780105

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

57fb8ac588ddebf72e7d5326689b595098dae1a888b013ab37f8e193072963fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 164

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 29ms
4ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=177
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 19ms
3ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=202
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 169 B
431 B 53ms
14ms XHR
application/json 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=72796708960

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

7dd6ac2e88b857754a645dc3e7c10a7959bfe8b68dc5ea79faf918837c0b59da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 162

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
281 B 172ms
93ms XHR
application/json 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a969dad0183839d5362a25fdbee0126&cmd=bid&secure=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 24e309353fec1a233b60b0811836643bf3c0b01a28b34fdeed6971d6002dc45d

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
content-length: 80

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 3ms
3ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=990
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 124 KB
43 KB 52ms
38ms Script
application/javascript 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca80897c964cd5080f0aaae172241ddc5b2cb9cf3a1438bc521065c34c4e821b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rMPY5rmw9sMMpX6bP_zkTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-rMPY5rmw9sMMpX6bP_zkTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 299D 299 B
575 B 3ms
3ms Image
image/png 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df240edf36ea1cf8%26domain%3Dwww.sanook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff1a586d0fa522c4%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanookhoroscope%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: 4RZippug/nNUJto+XSAwFHKgGbtcY9gd2TMPXF3ZFscW1/Zyaq/E3yKbJn85/9UFPXlTpuOgz+8Krub8ZhSvXw==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Feb 2024 01:04:13 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 23ms
4ms Script
application/x-javascript 2600:9000:20c7:2a00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:2a00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 01:39:03 GMT
content-encoding: gzip
via: 1.1 23632109ecb3eb8245f17822f97fa88e.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: SIN5-C1
age: 60676
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: oQ_7DV2VdXj06aNcHno8jKLxNpRwh1o5LBM-q9k-ylnSGavX_RBCVg==
expires: Mon, 20 Feb 2023 01:39:03 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 24ms
5ms Script
application/x-javascript 2600:9000:20c7:2a00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:2a00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 01:29:07 GMT
content-encoding: gzip
via: 1.1 23632109ecb3eb8245f17822f97fa88e.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: SIN5-C1
age: 61272
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: n5P_La-lhUYZi9Qh3WEf1vnp9-zywkjEWTX9o7YBxnAH3_SDn6tWYw==
expires: Mon, 20 Feb 2023 01:29:07 GMT

GET
H/1.1 200
OK /
avd.innity.com/dc/ 43 B
649 B 7ms
6ms Image
image/gif 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=225&cuid=9c59882b5e15c350eb02fed7fe10c69c&cb=1676831420535&douid=&sess=52678624.225.1676831420534&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&srf=&pk=&pt=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:20 GMT
Last-Modified: Sun, 19 Feb 2023 18:30:20 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ 43 B
452 B 15ms
5ms Image
image/gif 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=9c59882b5e15c350eb02fed7fe10c69c&type=cookie&itmcb=1676831420535
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:20 GMT
Last-Modified: Sun, 19 Feb 2023 18:30:20 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H3 200 liVf0zkyIeq.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/ Frame 299D 526 KB
135 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/liVf0zkyIeq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f0f1c3b38b88e945a4bf8e671e62b7d058973c512aa3165223517ce54401b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ArTpbCrz3V4Y1zfZEUiWSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138276
x-fb-rlafr: 0
x-fb-debug: jxRx4lEYyZ4cpWpm9+2TS8yyRSphRpBYXaJwd3ccOx1mN615h5Tsv5ngeWnCaF1oT1MVm8WLj6bNXUJbocsY7g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Feb 2024 02:00:19 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 35 B
565 B 34ms
19ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21cf0fc941f56960daa4ba1abe3ad6c449649093bf623eeeaed24a070a6be0a3

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odUYmdokZ52fWEAPjwp1EIBayHUTeepCwM%2FJkCoi4SEnHhFgLuM0xG34wqVEiGor92FOZ8Q%2FTL4mPPab7TR1qGqPLVR9tgKEdR0e2BQGZRvJOA%2FYYG%2BTPq%2BvpDAih6P2TYFibeza"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79c112ba8c8191a2-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 321 B
870 B 933ms
225ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&rf=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tg_i.pbadslot=%2F4899711%2Fhoroscope.sanook%2Fdesktop%2Freading%2Freadpage%2Freca&tk_flint=pbjs_lite_v7.25.0&x_source.tid=74b00402-6374-4730-bb37-fb34a04e4f95&l_pb_bid_id=1287cdbe29e6b04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fhoroscope.sanook%2Fdesktop%2Freading%2Freadpage%2Freca&slots=1&rand=0.14518815058225165
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6d4c31288a6a3fcadc4680b9190df6745afb5635a43b8e1f25333676651e3d28

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 321
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
tencentth-d.openx.net/w/1.0/ 173 B
590 B 85ms
68ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=74b00402-6374-4730-bb37-fb34a04e4f95&nocache=1676831420554&aus=300x250&divids=rgpt-reca-7&aucs=%252F4899711%252Fhoroscope.sanook%252Fdesktop%252Freading%252Freadpage%252Freca&auid=542511420
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fbc3abe3f0c2328414e3178e1283231bf5b3ff40f99cea5ce3a9453cdd599e5d

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
503 B 114ms
92ms XHR
application/json 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a969dad0183839d5362a25fdbee0126&cmd=bid&secure=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 35c2e86080f34acbea6b6ffe32cca41ee24ef346572aa55eabffbb765f7310b0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
content-length: 80

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
828 B 713ms
188ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
AN-X-Request-Uuid: 6dc85127-399b-437d-9fbf-756e9ec0e323
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content hb Show response
rtb-eu.andbeyond.media/ 0
266 B 665ms
167ms XHR
text/plain 77.245.57.78
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 KB
2 KB 29ms
7ms XHR
application/json 119.81.192.141
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1676831420560&ver=2&hb=1&output=js&pub=413&zone=64691&url=https%253A%252F%252Fwww.sanook.com%252Fhoroscope%252F73929%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=229252303f89d8b&auction=8bbcc7a6-eb5b-4e9a-b33d-077755f81df1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.141 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 8d.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 53783b3be1e8040a7c811a89f55330efcbd14e111a1b1c22ab519aa9015cba2d

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:20 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 18:30:20 GMT
Server: Apache
Access-Control-Max-Age: 86400
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sanook.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 844
Expires: Sat, 03 Sep 1983 02:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 19ms
19ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=530
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
504 B 221ms
97ms XHR
application/json 104.83.197.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.83.197.63 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-197-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 19 Feb 2023 18:30:20 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
215 B 5ms
3ms Ping
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ 0
215 B 5ms
4ms Ping
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ 0
215 B 5ms
4ms Ping
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 18:30:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ 0
215 B 5ms
5ms Ping
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 4ms
3ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=882
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
504 B 135ms
93ms XHR
application/json 104.83.197.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.83.197.63 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-197-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 19 Feb 2023 18:30:20 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
280 B 105ms
105ms XHR
application/json 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a969dad0183839d5362a2608c630129&cmd=bid&secure=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c4882d1aafea35209fa2183b618706925e7d79cb6eac7348b1b5acf167f56123

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
content-length: 80

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 4 KB
3 KB 62ms
61ms XHR
application/json 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=924
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 408c77663aa3d164b65daff568bf452e2bdabdb3a4e6061287a34e6da75d3038

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-encoding: gzip
content-type: application/json

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 346 B
669 B 864ms
247ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=9%2C8%2C10%2C17&rf=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tg_i.pbadslot=%2F4899711%2Fhoroscope.sanook%2Fdesktop%2Freading%2Freadpage%2Ftower&tk_flint=pbjs_lite_v7.25.0&x_source.tid=e32e35b2-0116-4c59-b273-f7aec30b67d9&l_pb_bid_id=361dda469eef84f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fhoroscope.sanook%2Fdesktop%2Freading%2Freadpage%2Ftower&slots=1&rand=0.2962150559415524
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7cc9e4d7bf690d4abb6b728cd6367276378814fe2bc44482d4aeb044f4deacc4

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 346
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 46ms
45ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=26
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
650 B 839ms
227ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=2&alt_size_ids=1&rf=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&tg_i.pbadslot=%2F4899711%2Fhoroscope.sanook%2Fdesktop%2Freading%2Freadpage%2Fleaderboard&tk_flint=pbjs_lite_v7.25.0&x_source.tid=5a769d84-93a6-43f8-b4c0-f7d866bfe89a&l_pb_bid_id=40e327cfee88e68&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fhoroscope.sanook%2Fdesktop%2Freading%2Freadpage%2Fleaderboard&slots=1&rand=0.39314219739569034
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 35184363334ac44aff466024f0ea5d7a06a28b4566361405d8ee03fb78413297

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 327
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
314 B 29ms
28ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=575408
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aded8b65cd6f96b3662daa697247b4c164cb043c99fbedc7d69874a99a50b42c

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWyhSX5E%2F51yN9VZiA92zbThfHNn5xV%2FY8x8UMep8bbdayRgN2%2FEmOoNze%2Bt70miCLzJPYfnFwteAg01K81DAVmUGC0qBsJtxEHLJ4CmoHd%2F81kQnoepRgnnHcgFzBkuFDWlCVwl"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79c112bb1e2691a2-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
280 B 102ms
101ms XHR
application/json 13.250.173.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96919b0183839d590fa24b427700d9&pos=8a96958d0183839d5d90a2603e7b010f&cmd=bid&secure=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1891fac9ad0b1a9d538bfed0acc4fb8b483635e8247d0744032cf28d6a9aa0a1

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
content-length: 80

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
504 B 125ms
92ms XHR
application/json 104.83.197.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.83.197.63 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-197-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 19 Feb 2023 18:30:20 GMT

POST
H/1.1 204
No Content hb Show response
rtb-eu.andbeyond.media/ 0
266 B 575ms
171ms XHR
text/plain 77.245.57.78
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-eu.andbeyond.media/hb?zone=136924&v=1.6
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 arj Show response
tencentth-d.openx.net/w/1.0/ 172 B
357 B 75ms
74ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5a769d84-93a6-43f8-b4c0-f7d866bfe89a&nocache=1676831420654&aus=728x90%2C468x60&divids=rgpt-leaderboard-3&aucs=%252F4899711%252Fhoroscope.sanook%252Fdesktop%252Freading%252Freadpage%252Fleaderboard&auid=542511416
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 38d54b888c609e6c52478eea7f1d19d9040939c76663c321122181c6d24e1334

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
828 B 749ms
230ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
AN-X-Request-Uuid: 0a932e6f-19a4-426c-89ab-5a4d5aac531e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 KB
1 KB 6ms
6ms XHR
application/json 119.81.192.141
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1676831420655&ver=2&hb=1&output=js&pub=413&zone=64733&url=https%253A%252F%252Fwww.sanook.com%252Fhoroscope%252F73929%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=5448edef2cb2866&auction=a92cd02f-049a-41ab-9d43-78279e3a95aa
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.141 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 8d.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 24e07eeda9fce57902ce4ba87e103e6848fba1b986413a82d871638a9dc105ca

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:20 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 18:30:20 GMT
Server: Apache
Access-Control-Max-Age: 86400
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sanook.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 800
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H2 200 feed-card-placeholder.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 4ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d4741173727b0a0c3f7c0f8c1bdcf41c9a464fd8df56efaddcbcdfdc1888c3b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: fEuNxb.t1gS1OyEXqTwAvOkppwrRqmvj
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:20 GMT
x-amz-request-id: MD9HRBKCXF207BFD
age: 70
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1308
x-amz-id-2: 1kAgOWgu72dG9UfBEr9E66tgK6TULlSGTxITsZhpxhNqslGLLiJFxtpAo9UlIhaR8S8Bb8bKaPY=
x-served-by: cache-qpg1249-QPG
last-modified: Wed, 15 Feb 2023 13:27:14 GMT
server: AmazonS3
x-timer: S1676831421.678747,VS0,VE1
etag: "add63b556fc94960e537cfb8be9049bd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cta-component.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 4ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/sanook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77fdc4263cacab2dc7c349d8fe0724672f4f5a95d9384f2f717887ea60b9d4f7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: zr3bBhfIBEaNd4jvShx67jFNx_rSHw4X
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:20 GMT
x-amz-request-id: 2D5QW7Z4DC45RA1Q
age: 20
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 4789
x-amz-id-2: 39yaUQt7KYv0+so+jw8r0gF2qkxwHkEU6CbjAaStgNPXhvPGM1w9kPToEgqjyHZmnVjvBNQq5qc=
x-served-by: cache-qpg1249-QPG
last-modified: Wed, 15 Feb 2023 13:27:08 GMT
server: AmazonS3
x-timer: S1676831421.697759,VS0,VE1
etag: "44e24f6f2a5239406a29d63ee4cbd4bf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 4ms
4ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:20 GMT
x-amz-request-id: R2BX3XHXQH22F8ER
age: 46
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: wPNuyxpy9XcVkL5y0kNGCuUj8ZflNdeMTbmNuP6SCScow+TIcYJUQI0P3VCpKP7D8RzZ2zOxyko=
x-served-by: cache-qpg1249-QPG
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1676831421.715796,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 90
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 32

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.8/ 103 KB
30 KB 4ms
3ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
via: 1.1 a372f2a2c858a55a472ec9d3d1c6b816.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: SIN52-C2
age: 3564396
x-cache: Hit from cloudfront, HIT
content-length: 29909
x-served-by: cache-qpg1249-QPG
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
server: AmazonS3
x-timer: S1676831421.729065,VS0,VE0
etag: "1842444d4bb92087143326a4d508875d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: tBMqlxzdWCy5I2LgonVdSeRa_M6BVLX4m-L493nQ44tBgGPAboFIkw==
x-cache-hits: 268192

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 10ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.693&type=usage&msg=cta-_1676831420693&llvl=2&id=4268&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2354564269356714709~~Hu2JAyHrIyjb%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%202%22%2C%22innerText%22%3A%22%E4%B8%80%E6%96%87%E6%8E%8C%E6%8F%A12023%E5%B9%B4%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E8%A6%81%E7%82%B9%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2750

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 8ms
3ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.694&type=usage&msg=cta-_1676831420694&llvl=2&id=8219&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2354564269356714709~~Hu2JAyHrIyjb%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%202%22%2C%22innerText%22%3A%22%E4%B8%80%E6%96%87%E6%8E%8C%E6%8F%A12023%E5%B9%B4%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E8%A6%81%E7%82%B9%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2750

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 8ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.699&type=usage&msg=cta-_1676831420698&llvl=2&id=3083&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2951206546250672718~~8sZN5_Bj7WhT%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E4%BB%8E%E4%BD%A0%E7%9A%84%E5%87%BA%E7%94%9F%E6%97%B6%E8%BE%B0%E7%9C%8B%E4%BD%A0%E6%98%AF%E5%90%A6%E4%BA%8B%E4%B8%9A%E4%B8%8A%E5%91%BD%E8%8B%A6%E7%A6%8F%E7%A6%84%E8%96%84%E7%9A%84%E5%91%BD%EF%BC%9F%E7%8E%84%E7%87%8A%E5%91%BD%E7%90%86%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2750

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 9ms
5ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.699&type=usage&msg=cta-_1676831420699&llvl=2&id=8565&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2951206546250672718~~8sZN5_Bj7WhT%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E4%BB%8E%E4%BD%A0%E7%9A%84%E5%87%BA%E7%94%9F%E6%97%B6%E8%BE%B0%E7%9C%8B%E4%BD%A0%E6%98%AF%E5%90%A6%E4%BA%8B%E4%B8%9A%E4%B8%8A%E5%91%BD%E8%8B%A6%E7%A6%8F%E7%A6%84%E8%96%84%E7%9A%84%E5%91%BD%EF%BC%9F%E7%8E%84%E7%87%8A%E5%91%BD%E7%90%86%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2750

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 9ms
5ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.701&type=usage&msg=cta-_1676831420701&llvl=2&id=2527&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-5057559706364447565~~ci07zv3clwGA%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A2%2C%22index%22%3A2%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E3%80%90%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E7%BA%A6250%E4%B8%87%E6%96%B0%E5%8A%A0%E5%9D%A1%E4%BA%BA%E5%8F%AF%E8%8E%B7%E5%A4%9A%E8%BE%BE400%E5%85%83%E7%94%9F%E6%B4%BB%E8%B4%B9%E7%89%B9%E5%88%AB%E8%A1%A5%E5%8A%A9%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2750

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 9ms
6ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.701&type=usage&msg=cta-_1676831420701&llvl=2&id=8497&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-5057559706364447565~~ci07zv3clwGA%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A2%2C%22index%22%3A2%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E3%80%90%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E7%BA%A6250%E4%B8%87%E6%96%B0%E5%8A%A0%E5%9D%A1%E4%BA%BA%E5%8F%AF%E8%8E%B7%E5%A4%9A%E8%BE%BE400%E5%85%83%E7%94%9F%E6%B4%BB%E8%B4%B9%E7%89%B9%E5%88%AB%E8%A1%A5%E5%8A%A9%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2750

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 8ms
5ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.704&type=usage&msg=cta-_1676831420704&llvl=2&id=6067&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-6363287865760093705~~GJIhihDj0XZW%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A3%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E3%80%90%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%882023%E3%80%91%E6%83%85%E4%BA%BA%E8%8A%82%E6%B4%BE%E5%B7%A7%E5%85%8B%E5%8A%9B%20%E6%98%AF%E7%94%9C%E6%98%AF%E8%8B%A6%EF%BC%9F%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2652

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 9ms
7ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.704&type=usage&msg=cta-_1676831420704&llvl=2&id=2127&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-6363287865760093705~~GJIhihDj0XZW%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A3%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E3%80%90%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%882023%E3%80%91%E6%83%85%E4%BA%BA%E8%8A%82%E6%B4%BE%E5%B7%A7%E5%85%8B%E5%8A%9B%20%E6%98%AF%E7%94%9C%E6%98%AF%E8%8B%A6%EF%BC%9F%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2652

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 9ms
8ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.706&type=usage&msg=cta-_1676831420706&llvl=2&id=7590&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1954199952168315117~~hsuGCm8Fj4cCk%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A4%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E4%B8%93%E5%AE%B6%EF%BC%9A%E5%A2%9E%E5%8A%A0%E8%A1%A5%E8%B4%B4%E7%AD%89%E6%8E%AA%E6%96%BD%E4%BB%8D%E9%9A%BE%E4%BB%A5%E6%98%BE%E8%91%97%E5%BD%B1%E5%93%8D%E7%94%9F%E8%82%B2%E5%86%B3%E5%AE%9A%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2652

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 10ms
8ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.706&type=usage&msg=cta-_1676831420706&llvl=2&id=6382&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1954199952168315117~~hsuGCm8Fj4cCk%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A4%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E4%B8%93%E5%AE%B6%EF%BC%9A%E5%A2%9E%E5%8A%A0%E8%A1%A5%E8%B4%B4%E7%AD%89%E6%8E%AA%E6%96%BD%E4%BB%8D%E9%9A%BE%E4%BB%A5%E6%98%BE%E8%91%97%E5%BD%B1%E5%93%8D%E7%94%9F%E8%82%B2%E5%86%B3%E5%AE%9A%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2652

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 11ms
9ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.729&type=usage&msg=cta-_1676831420729&llvl=2&id=8340&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1949725083509388086~~Del8qmYeTtIM9%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A5%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%205%22%2C%22innerText%22%3A%22%E3%80%90%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E6%B6%88%E8%B4%B9%E7%A8%8E%E7%8E%B0%E9%87%91%E8%A1%A5%E5%8A%A9%E6%9C%89%E5%A4%9A%E5%B0%91%EF%BC%9F%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2652

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 11ms
10ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A20.729&type=usage&msg=cta-_1676831420729&llvl=2&id=4765&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1949725083509388086~~Del8qmYeTtIM9%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A5%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%205%22%2C%22innerText%22%3A%22%E3%80%90%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E6%B6%88%E8%B4%B9%E7%A8%8E%E7%8E%B0%E9%87%91%E8%A1%A5%E5%8A%A9%E6%9C%89%E5%A4%9A%E5%B0%91%EF%BC%9F%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%7CSponsoredSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2652

GET
H2 200 pd Show response
jp-u.openx.net/w/1.0/ Frame 0975 533 B
635 B 22ms
9ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 60f0feb431d731ae0693a259de2ac562efb753085476ab9cf052e4f21fdf5069

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 323
content-type: text/html
date: Sun, 19 Feb 2023 18:30:20 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 77E7 16 KB
6 KB 7ms
4ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=137818
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Tue, 21 Feb 2023 08:47:18 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2665 16 KB
6 KB 7ms
5ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=137818
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Tue, 21 Feb 2023 08:47:18 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6093 16 KB
6 KB 8ms
6ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=137818
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Tue, 21 Feb 2023 08:47:18 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 social
sg-trc-events.taboola.com/sanook/log/3/ 0
362 B 6ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/3/social?route=HK:SG:V&lti=display-desktop1_var&ri=f54a7ec18e489a1251fba8a4187c021f&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&pi=/horoscope/73929&wi=1064185260234338568&pt=text&vi=1676831420204&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%22S!%20Horoscope%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs.isanook.com%2Fho%2F0%2Fud%2F14%2F73929%2Fm.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A30%3A20.773&id=7348&llvl=2&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 bulk-metrics Show response
sg-trc-events.taboola.com/sanook/log/3/ 0
377 B 8ms
7ms XHR
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-trc-events.taboola.com/sanook/log/3/bulk-metrics?route=HK%3ASG%3AV&lti=display-desktop1_var&bulkSize=18
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 503 ping
ping.chartbeat.net/ 0
0 992ms
246ms Image
text/html 34.198.29.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sanook.com&p=%2Fhoroscope%2F73929%2F&u=Cn5MfxfS3_9dn7Km&d=sanook.com&g=59732&g0=horoscope&g1=kanittha&n=1&f=00001&c=0&x=0&m=0&y=25854&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&b=5611&t=DVWHerBnfX4ACTBWqjD1a6ImCWHn3d&V=139&i=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&tz=0&sn=1&sv=BUbEwqD5-G-0CkbA1CCF8i7oDGNP-B&sd=1&im=067b2fff&_
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.29.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-29-55.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 AGSKWxXVBw-UeKvWkUXBAbTTDymU_IIKfigQUjbFnyggVyPpaVDKkqGEqMp0tWFU4LVJifABSCnTVySbTGEC41qMp4c= Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 36ms
35ms Script
application/javascript 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXVBw-UeKvWkUXBAbTTDymU_IIKfigQUjbFnyggVyPpaVDKkqGEqMp0tWFU4LVJifABSCnTVySbTGEC41qMp4c=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc2ODMxNDIwLDg2NjAwMDAwMF0sIkZCQzBCQTk1LTBBRDgtNDVDRC1CM0YyLUIwMkIyRDIwRkUxNSIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS9ob3Jvc2NvcGUvNzM5MjkvIixudWxsLFtbOCwiTTNBN0w1a21Na3MiXSxbOSwiemgtQ04iXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.M3A7L5kmMks.es5.O/d=1/rs=AJlcJMz9JuwXaSpWqDCd0bVjh9U5TCu6Cw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e21bf7eb11457e1ec155cf0c13932b3459a916bc5e8356ebcf445eafd5a0f616

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4iAHOGuTXNXkmP8xsyzn9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-4iAHOGuTXNXkmP8xsyzn9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 15ms
6ms Script
application/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 17ms
6ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 54ms
46ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470658175133945&correlator=2559071814086943&eid=31072498%2C31072544&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Choroscope.sanook%2Cdesktop%2Creading%2Creadpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=3364664086&didk=2096832714&sfv=1-0-40&prev_scp=category%3Dreading%2Chidden-content-date%2Chighlight-horoscope-super%2Cs-horoscope%26subcategory%3D12zodiac%26tags%3D%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C12%2520%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%258D%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B8%2593%25E0%25B9%258C%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B9%2580%25E0%25B8%258A%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%2C12%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%26partner%3Ds-horoscope%26entry_id%3D73929&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1676831420886&lmt=1676831420&dlt=1676831418468&idt=1955&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=435404951.1676831420&ga_sid=1676831421&ga_hid=1861498327&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8a500abe4bd274463515765a2872a6fa10c74ebf4ab30ed8816b39d8c3c180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9695
x-xss-protection: 0
google-lineitem-id: 5582840632
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373742424
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
17 KB 75ms
67ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470658175133945&correlator=1125199060349145&eid=31072498%2C31072544&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Choroscope.sanook%2Cdesktop%2Creading%2Creadpage%2Cinviewadrequest&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C640x360&ifi=2&adks=134200852&didk=2149787503&sfv=1-0-40&prev_scp=category%3Dreading%2Chidden-content-date%2Chighlight-horoscope-super%2Cs-horoscope%26subcategory%3D12zodiac%26tags%3D%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C12%2520%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%258D%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B8%2593%25E0%25B9%258C%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B9%2580%25E0%25B8%258A%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%2C12%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%26partner%3Ds-horoscope%26entry_id%3D73929&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1676831420895&lmt=1676831420&dlt=1676831418468&idt=1955&adxs=1200&adys=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=20&vis=1&psz=400x-1&msz=400x-1&fws=512&ohw=0&ga_vid=435404951.1676831420&ga_sid=1676831421&ga_hid=1861498327&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565acb0885aa05dba6505163a73d58c323496179a853d8d0f214879064e661c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16792
x-xss-protection: 0
google-lineitem-id: 4741987593
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239031270
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
15 KB 409ms
406ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470658175133945&correlator=1769518774885587&eid=31072498%2C31072544&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Choroscope.sanook%2Cdesktop%2Creading%2Creadpage%2Cinviewarticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C300x250%7C640x360%7C336x280%7C320x480&ifi=3&adks=3032234896&didk=1005935157&sfv=1-0-40&prev_scp=category%3Dreading%2Chidden-content-date%2Chighlight-horoscope-super%2Cs-horoscope%26subcategory%3D12zodiac%26tags%3D%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C12%2520%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%258D%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B8%2593%25E0%25B9%258C%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B9%2580%25E0%25B8%258A%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%2C12%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%26partner%3Ds-horoscope%26entry_id%3D73929&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1676831420899&lmt=1676831420&dlt=1676831418468&idt=1955&adxs=279&adys=12463&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=435404951.1676831420&ga_sid=1676831421&ga_hid=1861498327&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a95bc2614b01815f87f5f5e2683541415ca8c3bfda6c253c1faf83644e3580fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 109357
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15701
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 181916
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1426 6 KB
3 KB 27ms
5ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Mon, 19 Feb 2024 18:30:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ 25 KB
25 KB 31ms
30ms Script
application/javascript 61.91.94.165
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.91.94.165 Nonthaburi, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-94-165.static.asianet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:20 GMT
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25278
Expires: Tue, 21 Mar 2023 18:30:20 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame B7EA 3 KB
2 KB 24ms
8ms Document
text/html 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 60
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 79c112bd0ded495b-SIN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Sun, 19 Feb 2023 22:30:20 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame DB3E 3 KB
1 KB 27ms
12ms Document
text/html 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 60
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 79c112bd0dee495b-SIN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Sun, 19 Feb 2023 22:30:20 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0975
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

8ms
7ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0975
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0&gdpr_consent=

43 B
264 B

13ms
8ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0&gdpr_consent=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=b9b5f792-b958-3b4c-6ddd-bc52e1511283&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 0975
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y-JqvcCo8YoAAHHtC1oAAAAA

43 B
61 B

6ms
6ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y-JqvcCo8YoAAHHtC1oAAAAA
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sun, 19 Feb 2023 18:30:21 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.210","key":"Y-JqvcCo8YoAAHHtC1oAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad162"}
X-SO-Key: Y-JqvcCo8YoAAHHtC1oAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad162
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y-JqvcCo8YoAAHHtC1oAAAAA
Cache-Control: private
X-SO-HostName: m-ad162.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng38.dc4p.scaleout.jp
X-SO-IP: 103.254.153.210

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 0975
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQpfCLf1HpZbks8AD1ntPLMoTs8AAAGGavDzHg

43 B
61 B

6ms
6ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQpfCLf1HpZbks8AD1ntPLMoTs8AAAGGavDzHg
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQpfCLf1HpZbks8AD1ntPLMoTs8AAAGGavDzHg
cache-control: no-cache
content-length: 0
x-amz-cf-id: zKdwHcNSawmWe2n0pdte39s1RqltKwcn_DhQaOxb9gXmYZiKIyz-sw==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0975 170 B
409 B 22ms
7ms Image
image/png 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTVkYTI0NTgtNzAyZi02NWU4LTc4M2QtZTZlYjJiYjNkY2Uz

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0975
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFfwtvHx1IykP0E0zbPXrvE&google_cver=1

43 B
106 B

13ms
10ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFfwtvHx1IykP0E0zbPXrvE&google_cver=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFfwtvHx1IykP0E0zbPXrvE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 169 B
495 B 864ms
250ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sanook.com&domain=sanook.com&path=%2Fhoroscope%2F73929%2F
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9324db5995b84b209ba882073357d90fe5032e3916197a5a43197dcca55e8af1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 136
x-served-by: cache-bur-kbur8200159-BUR
x-timer: S1676831422.656970,VS0,VE71
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 17 Feb 2023 18:30:21 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
20 KB 407ms
406ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470658175133945&correlator=4459209970522988&eid=31072498%2C31072544&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Choroscope.sanook%2Cdesktop%2Creading%2Creadpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250%7C728x90&ifi=4&adks=2467760231&didk=498303882&sfv=1-0-40&prev_scp=category%3Dreading%2Chidden-content-date%2Chighlight-horoscope-super%2Cs-horoscope%26subcategory%3D12zodiac%26tags%3D%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C12%2520%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%258D%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B8%2593%25E0%25B9%258C%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B9%2580%25E0%25B8%258A%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%2C12%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%26partner%3Ds-horoscope%26entry_id%3D73929&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1676831420961&lmt=1676831420&dlt=1676831418468&idt=1955&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=20&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&ga_vid=435404951.1676831420&ga_sid=1676831421&ga_hid=1861498327&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f927e1ab0c9f188532419562d5eb719ff968f6a8652afa7e3d8d3010c3df193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20062
x-xss-protection: 0
google-lineitem-id: 6162100270
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413690075
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D660 0
0 8ms
7ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjnNB-aDIw_Z84s1NqM3GuRdZ1WK7YwSze6RYbP7SlTwIEpFsY8T5hU8Yx09mDVsV-NnsPraxMmpi-O1iJ1RmBKPam7GbJ8408DfZCa2-tKGuky7pMrqplrlfucQ_Q8fdZETExaIcNUMwi_Bn2qmTJt4IT-AiYmorFVKUXktjuSv1VrxxtSjnRLtw0WeGp2MvVFZvQdwHcaLzHZIAL6sA6d12hdA0_T0aSjSfOruhvkZ5zXZbTzGIgCimQihfMbSv_glyrh-nvKwu9dQ8_c7N57KNEt1PXFhwKLUpyDLvkhNsH4ol63h8oZFSgEUqoVq_mgZdwrH4BCQAMl3C8rLcuMJj3y1gU3RVnFEXTnDfIsi6JY_0nNo1lHz8wLA&sai=AMfl-YTg3xOuLiVftZqDx-mf25u7gFzopt9jgYfT_ix-tOw9fiY87NuxEFQCR65YbbbCJaoMOLuReF6OJzb_nf7Ii3UQ5TPcD7ySxYK9xGfytyhYSw0yrcq0EQzDQS_dsX4&sig=Cg0ArKJSzNg5i8fQ0zorEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 video-js.min.css
s.isanook.com/sh/0/ad/inview/ Frame D660 38 KB
13 KB 19ms
15ms Stylesheet
text/css 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/video-js.min.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:31 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 39377
server: Lego Server
age: 1200323
etag: W/"5958d2e5-99d1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 12756351258651560330
accept-ranges: bytes
content-length: 13271
expires: Sat, 04 Mar 2023 09:46:52 GMT

GET
H2 200 videojs.ads.min.css
s.isanook.com/sh/0/ad/inview/ Frame D660 359 B
384 B 19ms
16ms Stylesheet
text/css 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:31 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 359
server: Lego Server
age: 1218955
etag: W/"5958d2e3-167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 14759580916865275299
accept-ranges: bytes
content-length: 196
expires: Sat, 04 Mar 2023 04:14:03 GMT

GET
H2 200 ads-v1.0.3.css
s.isanook.com/sh/0/ad/inview/ Frame D660 4 KB
2 KB 19ms
16ms Stylesheet
text/css 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/ads-v1.0.3.css
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:31 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 4477
server: Lego Server
age: 1199964
etag: W/"5b20b088-117d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 4988697986235559436
accept-ranges: bytes
content-length: 1540
expires: Sat, 04 Mar 2023 01:00:24 GMT

GET
H2 200 jquery-1.8.3.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame D660 91 KB
33 KB 19ms
15ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/jquery-1.8.3.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:23:00 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 93583
server: Lego Server
age: 1212792
etag: W/"5958d2e1-16d8f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 6520820083153949713
accept-ranges: bytes
content-length: 33384
expires: Sat, 04 Mar 2023 06:21:56 GMT

GET
H2 200 video.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame D660 246 KB
53 KB 19ms
16ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/video.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:20:58 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 251547
server: Lego Server
age: 171
etag: W/"5958d2e3-3d69b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 2645943948952038975
accept-ranges: bytes
content-length: 53989
expires: Sat, 18 Mar 2023 07:04:59 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D660 366 KB
123 KB 38ms
6ms Script
text/javascript 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83f7e0e06a0d668dcdd507d0518cefb1774af7f67830c0d031c315733f9e6448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124936
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H2 200 videojs.ads.min.js Show response
s.isanook.com/sh/0/ad/inview/ Frame D660 18 KB
5 KB 28ms
26ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ads.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:20:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 18700
server: Lego Server
age: 151
etag: W/"5958d2e4-490c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 5741867874874571692
accept-ranges: bytes
content-length: 5141
expires: Sat, 18 Mar 2023 07:04:59 GMT

GET
H2 200 videojs.ima.js Show response
s.isanook.com/sh/0/ad/inview/ Frame D660 47 KB
11 KB 19ms
16ms Script
application/javascript 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/inview/videojs.ima.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:20:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Sun, 02 Jul 2017 11:03:00 GMT
server: Lego Server
age: 1205413
etag: W/"5958d2e4-bbbc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 5088063761465705472
accept-ranges: bytes
content-length: 10915
expires: Thu, 02 Feb 2023 10:01:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D660 156 KB
48 KB 21ms
19ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6EF 0
0 16ms
16ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJWgbeBXyKcZykhtw2Nbywg9iQNVn-1YTedFDm3JksZyU8hG1XkkV6aSAcBT76bI4nc39q2Xh0VM8JTtH4VjMShum97NzQTqBBJrKzReIBV9H1Z87uu0pJGHjymn7uqpnY-ceGYzUQHMH-zJoy3cU-V8jEGHPgRRwrc4u8fw_RZXTK2FpS9RT9rFz06v-gms59SwOVkMLybvSsQlfwEM2G-fCvNkBh5C1R02DZej7-N0_m821dBHc6Dmjuf0XHEgjqRSQC_bu-PksqJ4ysokteOgNl7GhUoX6tZgZyB2Xi3fAcF3giT8Qo6WXm7ir3mPmzRVhfGzZRQWBRKFz-xo416uiYt4tfHkDiO_m-X61lFzHZ2EA&sai=AMfl-YQVlEStWPPwj6b22-dc78871YeX-zsqIpe6Di6kUdf4gzuhLUf2z1-aVqNWZyUIp5RFl4NaIsndbkUTrBJnIy9vQwRhIz1q1xoRR1yyDiXr5pUHw8sGkGdV0z1McQ&sig=Cg0ArKJSzMOuOWUHtdJIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B6EF 76 KB
26 KB 14ms
13ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c87f89709d7e67e66fea5de8c363a18c4a0825d5bf7fcb015cf462016295d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26543
x-xss-protection: 0
server: sffe
etag: "1487 / 957 of 1000 / last-modified: 1676675148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6EF 156 KB
48 KB 12ms
11ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 7ms
3ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.074&type=usage&msg=cta-_1676831421074&llvl=2&id=1681&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2354564269356714709~~Hu2JAyHrIyjb%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%202%22%2C%22innerText%22%3A%22%E4%B8%80%E6%96%87%E6%8E%8C%E6%8F%A12023%E5%B9%B4%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E8%A6%81%E7%82%B9%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8090

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 7ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.075&type=usage&msg=cta-_1676831421075&llvl=2&id=6354&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2354564269356714709~~Hu2JAyHrIyjb%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-CTA_Title_Not_Black%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%202%22%2C%22innerText%22%3A%22%E4%B8%80%E6%96%87%E6%8E%8C%E6%8F%A12023%E5%B9%B4%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E8%A6%81%E7%82%B9%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8090

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 7ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.080&type=usage&msg=cta-_1676831421080&llvl=2&id=6166&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2951206546250672718~~8sZN5_Bj7WhT%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E4%BB%8E%E4%BD%A0%E7%9A%84%E5%87%BA%E7%94%9F%E6%97%B6%E8%BE%B0%E7%9C%8B%E4%BD%A0%E6%98%AF%E5%90%A6%E4%BA%8B%E4%B8%9A%E4%B8%8A%E5%91%BD%E8%8B%A6%E7%A6%8F%E7%A6%84%E8%96%84%E7%9A%84%E5%91%BD%EF%BC%9F%5Cn%E7%8E%84%E7%87%8A%E5%91%BD%E7%90%86%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8090

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 8ms
5ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.080&type=usage&msg=cta-_1676831421080&llvl=2&id=7416&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-2951206546250672718~~8sZN5_Bj7WhT%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-CTA_Title_Not_Black%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E4%BB%8E%E4%BD%A0%E7%9A%84%E5%87%BA%E7%94%9F%E6%97%B6%E8%BE%B0%E7%9C%8B%E4%BD%A0%E6%98%AF%E5%90%A6%E4%BA%8B%E4%B8%9A%E4%B8%8A%E5%91%BD%E8%8B%A6%E7%A6%8F%E7%A6%84%E8%96%84%E7%9A%84%E5%91%BD%EF%BC%9F%5Cn%E7%8E%84%E7%87%8A%E5%91%BD%E7%90%86%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8090

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 8ms
6ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.081&type=usage&msg=cta-_1676831421081&llvl=2&id=8604&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-5057559706364447565~~ci07zv3clwGA%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A2%2C%22index%22%3A2%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E3%80%90%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E7%BA%A6250%E4%B8%87%E6%96%B0%E5%8A%A0%E5%9D%A1%E4%BA%BA%E5%8F%AF%E8%8E%B7%E5%A4%9A%E8%BE%BE400%E5%85%83%E7%94%9F%E6%B4%BB%E8%B4%B9%E7%89%B9%E5%88%AB%E8%A1%A5%E5%8A%A9%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8090

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 8ms
6ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.082&type=usage&msg=cta-_1676831421082&llvl=2&id=8725&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-5057559706364447565~~ci07zv3clwGA%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-CTA_Title_Not_Black%22%2C%22cardIndexOnPage%22%3A2%2C%22index%22%3A2%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%203%22%2C%22innerText%22%3A%22%E3%80%90%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E7%BA%A6250%E4%B8%87%E6%96%B0%E5%8A%A0%E5%9D%A1%E4%BA%BA%E5%8F%AF%E8%8E%B7%E5%A4%9A%E8%BE%BE400%E5%85%83%E7%94%9F%E6%B4%BB%E8%B4%B9%E7%89%B9%E5%88%AB%E8%A1%A5%E5%8A%A9%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8090

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 5ms
3ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.085&type=usage&msg=cta-_1676831421085&llvl=2&id=2614&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-6363287865760093705~~GJIhihDj0XZW%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A3%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E3%80%90%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%882023%E3%80%91%E6%83%85%E4%BA%BA%E8%8A%82%E6%B4%BE%E5%B7%A7%E5%85%8B%E5%8A%9B%20%E6%98%AF%E7%94%9C%E6%98%AF%E8%8B%A6%EF%BC%9F%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5320

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 5ms
3ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.085&type=usage&msg=cta-_1676831421085&llvl=2&id=8960&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~-6363287865760093705~~GJIhihDj0XZW%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-CTA_Title_Not_Black%22%2C%22cardIndexOnPage%22%3A3%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E3%80%90%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%882023%E3%80%91%E6%83%85%E4%BA%BA%E8%8A%82%E6%B4%BE%E5%B7%A7%E5%85%8B%E5%8A%9B%20%E6%98%AF%E7%94%9C%E6%98%AF%E8%8B%A6%EF%BC%9F%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5320

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 5ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.086&type=usage&msg=cta-_1676831421086&llvl=2&id=6478&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1954199952168315117~~hsuGCm8Fj4cCk%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A4%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E4%B8%93%E5%AE%B6%EF%BC%9A%E5%A2%9E%E5%8A%A0%E8%A1%A5%E8%B4%B4%E7%AD%89%E6%8E%AA%E6%96%BD%E4%BB%8D%E9%9A%BE%E4%BB%A5%E6%98%BE%E8%91%97%E5%BD%B1%E5%93%8D%E7%94%9F%E8%82%B2%E5%86%B3%E5%AE%9A%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5320

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 5ms
4ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.087&type=usage&msg=cta-_1676831421087&llvl=2&id=3044&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1954199952168315117~~hsuGCm8Fj4cCk%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-CTA_Title_Not_Black%22%2C%22cardIndexOnPage%22%3A4%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%204%22%2C%22innerText%22%3A%22%E4%B8%93%E5%AE%B6%EF%BC%9A%E5%A2%9E%E5%8A%A0%E8%A1%A5%E8%B4%B4%E7%AD%89%E6%8E%AA%E6%96%BD%E4%BB%8D%E9%9A%BE%E4%BB%A5%E6%98%BE%E8%91%97%E5%BD%B1%E5%93%8D%E7%94%9F%E8%82%B2%E5%86%B3%E5%AE%9A%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5320

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 6ms
5ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.089&type=usage&msg=cta-_1676831421089&llvl=2&id=2644&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1949725083509388086~~Del8qmYeTtIM9%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A5%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%205%22%2C%22innerText%22%3A%22%E3%80%90%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E6%B6%88%E8%B4%B9%E7%A8%8E%E7%8E%B0%E9%87%91%E8%A1%A5%E5%8A%A9%E6%9C%89%E5%A4%9A%E5%B0%91%EF%BC%9F%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5320

GET
H2 204 debug
sg-trc-events.taboola.com/sanook/log/2/ 0
88 B 6ms
5ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/2/debug?tim=18%3A30%3A21.090&type=usage&msg=cta-_1676831421090&llvl=2&id=2712&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&lt=display-desktop1_var&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F%22%2C%22itemId%22%3A%22~~V1~~1949725083509388086~~Del8qmYeTtIM9%22%2C%22text%22%3A%22%E9%98%85%E8%AF%BB%E6%9B%B4%E5%A4%9A%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-CTA_Title_Not_Black%22%2C%22cardIndexOnPage%22%3A5%2C%22index%22%3A0%2C%22placement%22%3A%22Below%20Article%20Thumbnails%20%7C%20Card%205%22%2C%22innerText%22%3A%22%E3%80%90%E8%B4%A2%E6%94%BF%E9%A2%84%E7%AE%97%E6%A1%88%E3%80%91%E6%B6%88%E8%B4%B9%E7%A8%8E%E7%8E%B0%E9%87%91%E8%A1%A5%E5%8A%A9%E6%9C%89%E5%A4%9A%E5%B0%91%EF%BC%9F%5Cn%E8%81%94%E5%90%88%E6%97%A9%E6%8A%A5%5Cn%7C%5CnSponsored%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5320

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 77E7 4 KB
4 KB 167ms
3ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11336688&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ab511f40d84d900b95239c8f9a48f32326bca3ab1ab47394a5ce76c24c708dff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 bulk-metrics Show response
sg-trc-events.taboola.com/sanook/log/3/ 0
377 B 5ms
4ms XHR
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-trc-events.taboola.com/sanook/log/3/bulk-metrics?route=HK%3ASG%3AV&lti=display-desktop1_var&bulkSize=12
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame A073
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
866 B

22ms
21ms

Document
text/html

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e827dad3ba1d40f6c62e3248591156da5e2348b3ac2b76d4265bd170ae9b06

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79c112be8c034637-SIN
content-encoding: br
content-type: text/html
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUlnbiyJvFGhiggEdS0hLhq3V%2FCQBObax55pChdj28och17BkuqhUmAMLU8%2F4mEgLv8HWero2aSP9XmlUk%2F9HEj9t%2B0TPW6tgaF9zbTFfniKb2%2FNhlRpX3xvDRQGdgcWjM%2FRNCHUjfCh1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79c112be2bb64637-SIN
content-length: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: 0
location: /usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiHpEZSXpYRP9BOEPhPmnlZHVUu%2FVVbGf9trg5%2F2co9MKdcC3%2B7S0OCAvGdnLTvw%2FNE4fn9HOvMm2nTL4Mm5DJsigo2YzuGh%2FpiGXce6qyjniQnOXQhxgArhkanjSpQcvkARu06H3Ika%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 AGSKWxVQ13-ZF8Ie7uv2U9lKzILKGl_Yahvwpoh7byTiaFWIs5AGha1GDZ1RBJuC28q3wilrjhWN2uta5nCikcmvisF_Qw8wBffH3x8LL3d0MxapL5s_VjZUQiQ1cfYWgZCg0zqFnrbXvA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 59ms
58ms Script
application/javascript 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVQ13-ZF8Ie7uv2U9lKzILKGl_Yahvwpoh7byTiaFWIs5AGha1GDZ1RBJuC28q3wilrjhWN2uta5nCikcmvisF_Qw8wBffH3x8LL3d0MxapL5s_VjZUQiQ1cfYWgZCg0zqFnrbXvA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc2ODMxNDIxLDE0MTAwMDAwMF0sIkZCQzBCQTk1LTBBRDgtNDVDRC1CM0YyLUIwMkIyRDIwRkUxNSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cuc2Fub29rLmNvbS9ob3Jvc2NvcGUvNzM5MjkvIixudWxsLFtbOCwiTTNBN0w1a21Na3MiXSxbOSwiemgtQ04iXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eae494c4b634dceb18708c896df1ebfc4f00db5a436eca332fc032e73bb0d261

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pFMsGVt1vmfN-mz_CmZAgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pFMsGVt1vmfN-mz_CmZAgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 4993
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

90ms
90ms

Document
text/html

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e8731a1418a0de46f0bdaaada73c7cc4ed300d9fb46b95397da9d33c1a15ae

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79c112bed89d9f7a-SIN
content-encoding: br
content-type: text/html
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huQ5YWD%2Fym30nxv9i1XF0u%2FM%2Brx0VqkMAnuqO8IEbM2NaBK6kT4fpZs%2BN%2FKaJ0VP%2BjTZzSRABhZoe8HSkQ8L63XgzvUbsdP26GWj5dcFi0%2BJEXD3wbdeNLRUgUXoYcf7x7IKoNX%2B%2B3pb2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79c112be3bc34637-SIN
content-length: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: 0
location: /usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIG4tV7FiM%2Bf3DlhES9SEzgYGyP4ZVMGohhIa2MGl6%2FwgPkZ08Xx%2FEnmDf%2FmAIwP8bcL%2FBl0w3gwRlLnXLpGkMHeI0R5G1KzWGPyrbGn7UY8FZ0Kf8mItTJLcgMygQbiMzoJIDDOwi2umA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pubads_impl_2023021401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B6EF 383 KB
129 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 13:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132139
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 13:18:09 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame B6EF 6 KB
1 KB 7ms
7ms XHR
application/json 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5344afc6c83831275918591131fb80d4f1f89ace1ac721018e5aa4e67d5c106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
DATA 200
OK truncated
/ Frame D660 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd38b46ba2abe46875d905e72aaf187c1c19e7f023de5b17c49c9962a597025

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame A073
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1

43 B
786 B

41ms
39ms

Image
image/gif

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDyfvItrCGXbNPvzATMUSJMqe7Se1sdYta55t2UbAKCzJ2FWuErVRdsHgnI3aAr5oBsMpwH8jxQ5%2FyEog7i9LvgNynlhpbNATwGS4qPvYIP9%2BqIU0QhnM9eEBWPW5oAchxMDfBohiQdAWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79c112bf28d79f7a-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A073
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB&dcc=t

43 B
855 B

289ms
289ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WYZ4EFXR8NFGAJD2FVV2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A12CE8Y5932J9132TBCS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A073
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=

43 B
632 B

230ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A073
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-JqvVmfHdKvpbEbBRMNQAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1

43 B
632 B

35ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame A073 42 B
181 B 96ms
8ms Image
image/gif 2406:da18:22e:4f04:558a:3fb0:baff:a5ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da18:22e:4f04:558a:3fb0:baff:a5ce , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A073
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://stags.bluekai.com/site/23178?id=H6VOlLhaYJCzbjUSGpHA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SBWKZHWY...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=H6VOlLhaYJCzbjUSGpHA

43 B
632 B

38ms
36ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=H6VOlLhaYJCzbjUSGpHA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=H6VOlLhaYJCzbjUSGpHA
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A073
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55

43 B
632 B

36ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-03b21858210cde1c8@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A073 43 B
601 B 74ms
8ms Image
image/gif 2406:da18:929:5a00:7360:21f2:1e24:ce6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y_JqvfoFZumd2NB_TEhajgAAFMEAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a00:7360:21f2:1e24:ce6 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame A073 43 B
353 B 76ms
10ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y-JqvfoFZumd2NB-TEhajgAA%265313
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 80376
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79c112bf8c8f19ac-SIN
content-length: 43
expires: Mon, 20 Feb 2023 18:30:21 GMT

GET
H2 206 default_video.mp4
s.isanook.com/vi/0/ud/1/ext/video/ Frame D660 23 KB
23 KB 3ms
3ms Media
video/mp4 43.132.81.184
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/vi/0/ud/1/ext/video/default_video.mp4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.81.184 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21

Request headers

Referer: https://www.sanook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 16 Feb 2023 07:21:36 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 20 Aug 2015 06:26:08 GMT
server: Lego Server
age: 56
etag: "55d57300-5b54"
content-type: video/mp4
Content-Range: bytes 0-23379/23380
x-nws-log-uuid: 13752169664310414823
Content-Length: 23380

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame CAA9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=

35 B
468 B

38ms
35ms

Document
image/gif

185.84.60.21
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A012
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:028d63f2-6abd-4300-8a87-36805cc62154&gdpr=0&gdpr_consent=

42 B
325 B

4ms
3ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:028d63f2-6abd-4300-8a87-36805cc62154&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 19 Feb 2023 18:30:21 GMT
Expires: Sun, 19 Feb 2023 18:30:20 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 475 4bd2ccd master hkg-pixel-x22 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:028d63f2-6abd-4300-8a87-36805cc62154&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6733
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-JqvQAGoQzDdQBh&gdpr=1&gdpr_consent=&_test=Y-JqvQAGoQzDdQBh

0
74 B

4ms
3ms

Document
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-JqvQAGoQzDdQBh&gdpr=1&gdpr_consent=&_test=Y-JqvQAGoQzDdQBh
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-JqvQAGoQzDdQBh&gdpr=1&gdpr_consent=&_test=Y-JqvQAGoQzDdQBh
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-bkk2310023-BKK
x-timer: S1676831422.721619,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 55A2
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=pmj
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z0mrtbvuj81

1 B
378 B

17ms
4ms

Document
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z0mrtbvuj81
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-store
content-length: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z0mrtbvuj81
lws: 127.0.0.1
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9F18
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5043346485621275506&gdpr=0&gdpr_consent=

42 B
218 B

4ms
3ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5043346485621275506&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 0f59b5ab-2d56-4706-aa5b-0688518ec305
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 19 Feb 2023 18:30:21 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5043346485621275506&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 47E1
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF

42 B
341 B

8ms
3ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1ADC
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

4ms
3ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Sun, 19 Feb 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1446328
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FEFE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GRlqTZV3QLxvc_FbQVJP0mf-mdI&gdpr=0&gdpr_consent=

42 B
380 B

4ms
3ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GRlqTZV3QLxvc_FbQVJP0mf-mdI&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Sun, 19 Feb 2023 18:30:22 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GRlqTZV3QLxvc_FbQVJP0mf-mdI&gdpr=0&gdpr_consent=

GET
H/1.1 200
OK send Show response
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 51A9 43 B
243 B 1223ms
223ms Document
image/gif 220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sun, 19 Feb 2023 18:30:22 GMT
Pragma: no-cache
Server: nginx
expires: -1

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E27E
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KmfVv85WA2yHneP0vWryYw

42 B
199 B

4ms
4ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KmfVv85WA2yHneP0vWryYw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KmfVv85WA2yHneP0vWryYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 77E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hdGcCXCVR16VyJ8p-Zr-gg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

5ms
3ms

Image
text/html

104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=137817
accept-ranges: bytes
content-length: 5554
expires: Tue, 21 Feb 2023 08:47:18 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame 77E7
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=85D19C09-7095-475E-95C8-9F29F99AFE82
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg1RDE5QzA5LTcwOTUtNDc1RS05NUM4LTlGMjlGOTlBRkU4MhAAGg0IvdXJnwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=77e419101270be6c42e0a23aacceaca07a982d1c810775111405035038906596791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3N2U0MTkxMDEyNzBiZTZjNDJlMGEyM2FhY2NlYWNhMDdhOTgyZDFjODEwNzc1MTExNDA1MDM1MDM4OTA2NTk2NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3N2U0MTkxMDEyNzBiZTZjNDJlMGEyM2FhY2NlYWNhMDdhOTgyZDFjODEwNzc1MTExNDA1MDM1MDM4OTA2NTk2NzkxNDI2YjU0MTdkY2UyMRAAGgwIvtXJnwYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=bf9a9717-121f-4aaf-8527-d436dcf95caf

42 B
60 B

223ms
222ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=bf9a9717-121f-4aaf-8527-d436dcf95caf
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=bf9a9717-121f-4aaf-8527-d436dcf95caf
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 77E7
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=85D19C09-7095-475E-95C8-9F29F99AFE82&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=85D19C09-7095-475E-95C8-9F29F99AFE82&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

39ms
38ms

Image
image/gif

119.9.108.191
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=85D19C09-7095-475E-95C8-9F29F99AFE82&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Server: 119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=85D19C09-7095-475E-95C8-9F29F99AFE82&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVEMTlDMDktNzA5NS00NzVFLTk1QzgtOUYyOUY5OUFGRTgy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

11ms
4ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBaZKZxjRcyEC2ipp2ndnUg&google_cver=1

42 B
298 B

10ms
3ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBaZKZxjRcyEC2ipp2ndnUg&google_cver=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBaZKZxjRcyEC2ipp2ndnUg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176

42 B
209 B

4ms
3ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sun, 19 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 18 Feb 2023 18:30:21 GMT

GET
H2 200 85D19C09-7095-475E-95C8-9F29F99AFE82
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 77E7 43 B
602 B 35ms
7ms Image
image/gif 2406:da18:929:5a00:7360:21f2:1e24:ce6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/85D19C09-7095-475E-95C8-9F29F99AFE82?gdpr=0&gdpr_consent=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a00:7360:21f2:1e24:ce6 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=

42 B
295 B

5ms
5ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=85D19C09-7095-475E-95C8-9F29F99AFE82&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bKvU3LBE2uWaamZoGB3tssEnpIIhJgE-~A&gdpr=0

0
260 B

18ms
5ms

Image
text/plain

67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bKvU3LBE2uWaamZoGB3tssEnpIIhJgE-~A&gdpr=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bKvU3LBE2uWaamZoGB3tssEnpIIhJgE-~A&gdpr=0
date: Sun, 19 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6146079985838723153

42 B
219 B

4ms
3ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6146079985838723153
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6146079985838723153
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=91f5f182-b782-4407-985c-6593dbbf178e
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=91f5f182-b782-4407-985c-6593dbbf178e
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=04967bed-3a89-420a-be7e-ffbb132ccadf&user_group=1&ssp=pubmatic&bsw_param=91f5f182-b782-4407-985c-6593dbbf178e
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91f5f182-b782-4407-985c-6593dbbf178e&gdpr=&gdpr_consent=&gdpr_pd=

1 B
245 B

5ms
4ms

Image
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91f5f182-b782-4407-985c-6593dbbf178e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=91f5f182-b782-4407-985c-6593dbbf178e&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 19 Feb 2023 18:30:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=38bc08a4d43c1b0a&is_secure=true&networkId=17100&version=1&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmhfd_BEgeAMVz09HAAAAAAA&expiration=1676917821&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&...

42 B
264 B

4ms
4ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmhfd_BEgeAMVz09HAAAAAAA&expiration=1676917821&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmhfd_BEgeAMVz09HAAAAAAA&expiration=1676917821&nuid=85D19C09-7095-475E-95C8-9F29F99AFE82&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=

1 B
175 B

6ms
4ms

Image
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7626325209235729978&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 77E7
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5043346485621275506

42 B
95 B

5ms
4ms

Image
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5043346485621275506
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 19 Feb 2023 18:30:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 678118f0-d4df-4c52-a456-6f627cbf91b0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5043346485621275506
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 container.html Show response
980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 40E8 6 KB
3 KB 7ms
5ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Mon, 19 Feb 2024 18:30:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6EF 0
0 13ms
9ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjPIcP1P7z98TH8VFq6OWm9-4g5St_r2GPTzTyfI1DtdOCa3JSpuAqUmaSH4jn5DGJdnW44YvQkMTJyg35ee-_NRugzlzZT5L2uExrL8-nk8-crXh8P2d40Mg80EhCsADjKBy7mZH3yjsKKtYz32RE3n4vsOLeUKRsh_LoVm5sZzxk2zMyJue9ooC33uX1vzT7yKyfXAj8VIOkhns6_aZvv8bjeVRdFZJmLuujZmuIFDyYg-OhIkN3ls_7L4sf415JtPxrf8FEk4h4KSBThAdQU5_yEHhY1UqTgLANixPqON_zjYH2gkwH7zg-BulHU-hx7ZtnwIUbb6weJQMs6yEmzuJZpNHZDOmeaAGa8bQNs1hnLG4kkw&sai=AMfl-YT_LUm7Q5UqHfoC0yhXpE3lpIBmExZSXB59lVkaPlEoJIBCquCI7na5oxpsxh02x0dJTHJ1aIoaSWDQ8ka1b9SQWBkgAAVHM80Ca3dCMawjSDFLPvndK31BBOLj7g&sig=Cg0ArKJSzFnF_p0VnRK_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D660 0
0 9ms
9ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLSIz5U_B78FdOKKm-W7ISTlP3JssMYX78zKKIYujdPAijl4mGrGJFOMd_iQ6Ub1DEd2_sw3E3NrvQb3G_oEqqil2IDcMLnrK22csfVxMHlQbgJNfxvUQ_EDDqxflLfbUqPN5KF3IA9gDRKijVrXfpKrD6knfd1_gL7y4B4J8VBY8w358erYkb2-o9kKN0HlQNw2Z5RlXQRV1u5fT0TeqGwVHQEhIdLRxwYqbHPEmy6Fqwzrkno3f_9y0It4Kg2jNOwj-lESjXwBhuoa-py6vkCnvEzAzzgvK0mHep1GckqGP1QpNK416LmO7_AVDBqqLxb73jafjGNWvM_lJKXQabsSd_vgW68vg-ptG8Z-GiKKYnLrh_FqR_pc2XdGTX&sai=AMfl-YQi844uJo4h0fKjiW5w39sHNzm-tQjjk3mFswLN_fqOCvCd5m_veAg2DENPW3N9voFXJED_X5jBpVikO-FZg8Ul9f-9z8qCerE1vtVyLQJ_7byrB3XM2G5-5Eqthlg&sig=Cg0ArKJSzGu35FVDOE7JEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4993
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=

43 B
632 B

119ms
36ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f91d4e2a-9548-4c26-a952-3061050615ad&expiration=1679423421&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4993
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB&dcc=t

43 B
855 B

271ms
270ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PEFEE69SCCJXAGR7D0PZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FY86NW7AWAWHGHXHFPKG
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 4993
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_JqvVmfHdKvpbEbBRMNQAAAFL8AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1

43 B
754 B

138ms
138ms

Image
image/gif

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvwmuqJZhNSMNrN8zdXM4UnWLg4F6eb93rNPXV%2BmijmWJELeGx%2B9ug4MOCKryIzufpS57yp1svKd98v%2B2kxhzmh1Nm9cc3g5272LpREIfZ0YgR4MV6mezoX7Qy6z9LqQg%2B4KaWUEQGVpXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79c112c0aa5d9f7a-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ2XapWvlrIpGRMbZFHl7IY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4993
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-JqvVmfHdKvpbEbBRMNQAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1

43 B
632 B

37ms
36ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRn2HLsC4qajxnROmKt824&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 4993
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-JqvVmfHdKvpbEbBRMNQAAA%265311?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y-JqvVmfHdKvpbEbBRMNQAAA%265311

42 B
942 B

7ms
6ms

Image
image/gif

18.139.23.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y-JqvVmfHdKvpbEbBRMNQAAA%265311

Requested by

Protocol

HTTP/1.1

Server

18.139.23.58 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-139-23-58.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-02f7750fb.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2K4t01ODT9M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-apse-2-v043-01d4c9963.edge-apse.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: es+hGTH0QvI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y-JqvVmfHdKvpbEbBRMNQAAA%265311
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4993
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55

43 B
632 B

37ms
37ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:20 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-06803fae837696b94@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BkkwXAyr1PtOs55
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4993
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bfff63f2-6abd-4100-a7ca-a4b3189e2292

43 B
632 B

35ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bfff63f2-6abd-4100-a7ca-a4b3189e2292
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: MT3 475 4bd2ccd master hkg-pixel-x3 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bfff63f2-6abd-4100-a7ca-a4b3189e2292
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 19 Feb 2023 18:30:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4993
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1779c342-694a-4cf2-9573-169369e4e673&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
632 B

37ms
36ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1779c342-694a-4cf2-9573-169369e4e673&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1779c342-694a-4cf2-9573-169369e4e673&us_privacy=null&gdpr_consent=null&gdpr=null
date: Sun, 19 Feb 2023 18:30:21 GMT
server: _
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 4993 43 B
102 B 15ms
12ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y-JqvVmfHdKvpbEbBRMNQAAA%265311
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 80376
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79c112c01d7619ac-SIN
content-length: 43
expires: Mon, 20 Feb 2023 18:30:21 GMT

GET
H2 200 st Show response
imprsgmp.taboola.com/ Frame F152 737 B
553 B 10ms
6ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&cmcv=&pix=undefined&cb=1676831421391&uv=3255&tms=1676831421391&abt=ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a6043947-43c5-4b7f-a933-fb2122c7611e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53eb07d44eaf1490412e7850b7cb92822bd630e222e28c1990a7dc2c97ba4e2c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sun, 19 Feb 2023 18:30:21 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-qpg1249-QPG
x-timer: S1676831421.406742,VS0,VE3

GET
H2 200 sync Show response
sg-match.taboola.com/ Frame 7FEE 564 B
658 B 20ms
4ms Document
text/html 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5c9e8e8d6d41e257703acdc0691c1590eec4bc7311ff08bfddd367ecd9a1a5df

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 19 Feb 2023 18:30:21 GMT
machineid: 3301
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
sg-wf.taboola.com/ 1 KB
932 B 163ms
144ms XHR
application/json 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1676831421405&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1504&pt=-1377852819&tz=0&viewable=true&ddast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a4ff991688902b49d07031d108f1285257b726a571b3fd69df52422a8d49374a

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
server: nginx
machineid: 1304
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEF7 0
0 10ms
10ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQv2lrP1mUKIn2wPbdmYQIebbscKOl0_RxXzkjbuZvUh93wL_uZQqSdkqJ3GtqLa6dFqJvBaDMOLEr288lkyoAL-aYZFfNYGyuFNN_FmNnP9hMkmFd6G4tH-UWOics1F_Ia3-YlyqFeA6l5Mt0ZskEKSOEcl5YIU2O7KQACcbWYHKpZzxeoiYIzbDQ4JIrrh4kIavghDQ54P5jplGFQaroyEhsUn0WxHOv3tSntT78oPpltuJUI4H7minAw6RorhGt8QDFXCuxG5UCebrq8-ODi65TiHy0EifEnWzsOq8pDyjudI97_Z6J0-OYkG1oMSgDjkVqPgRuvC4TGWdKSwPd0sbHtVfSIdqZCVMDYVkckwzDSA&sai=AMfl-YRuYVoLQnFrgSjh5bvgt1vkP9otOXYXk8myiKn62S7Y9971GFibCoyiDro4631HDdplaMRqh-PusFLULwIngZ1AwVBVrRtD0F_bVpxVD6LaDoI8Ic7tTI4CUL2_r3k&sig=Cg0ArKJSzEq0rIhes0RMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame FEF7 22 KB
9 KB 16ms
3ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 13:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 13:06:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame FEF7 3 KB
1 KB 17ms
4ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 10:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 10:31:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FEF7 0
0 60ms
59ms Image
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_5xCHtbAJhTzHYPrBYRTAExernLuuEOzdbq20ptooU1cxNcQmu64X9OcbUU_2qbEU3kN5SJtxqFi2WHqkjAMEgOSKWw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEF7 156 KB
48 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H2 200 o_1gihrnvbp1nvr1akpn9263jt16j.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20221123/ Frame FEF7 162 KB
163 KB 741ms
2ms Image
image/jpeg 43.132.80.28
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-as.fsanook.com/files/uploads/ads/dfp/20221123/o_1gihrnvbp1nvr1akpn9263jt16j.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.80.28 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 2cff8f6c3aa789bda0791bbfe369f5e33f8749a9c9c5e9e4ff8983b1f0c75e0d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 23 Nov 2022 09:05:19 GMT
server: Lego Server
etag: "637de24f-28908"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 4289934130709111541
accept-ranges: bytes
content-length: 166152

GET
H2

200

/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame F152
Redirect Chain

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=ea3389a6971146ac8ce78c1226784ecc&orig=video

0
229 B

6ms
5ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=ea3389a6971146ac8ce78c1226784ecc&orig=video
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&cmcv=&pix=undefined&cb=1676831421391&uv=3255&tms=1676831421391&abt=ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a6043947-43c5-4b7f-a933-fb2122c7611e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imprsgmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 3084

Redirect headers

location: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=ea3389a6971146ac8ce78c1226784ecc&orig=video
date: Sun, 19 Feb 2023 18:30:22 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame F152
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad

0
191 B

6ms
5ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&cmcv=&pix=undefined&cb=1676831421391&uv=3255&tms=1676831421391&abt=ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a6043947-43c5-4b7f-a933-fb2122c7611e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imprsgmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1676831422.549245,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-qpg1249-QPG

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 40E8 0
0 19ms
18ms Fetch
text/html 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIUuCvGryY7i-OYmYvQSTprKYC4bK5Z5chIHg9s4CwI23ARABIABgvwWCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCeACAKgDAaoEkgJP0DtqwX-YapV2d9zuj-PRvvO6o0paEFjExXoed372gckNQWtUDYII--aaoTFYw0CmHH5pHyeYBpnICAza9fyX6_XszP_1lgbTYLTtG0HKTrpcR7JOxYjP-__i96eqevnAauD5D-juC6yTIyBwzZyVrHSpbChrSXIpNeNnS9q1h9g9hHOdXokZEgz5yPgpB-5fQ2SxFTuUuIEofqZrN_Cqjez_YLQw6JgFEbR078twA60566ZaQLg0Z_Tu__hobOPDFpp_A7zwirT1-z7dCdWF2d8L_fnalECeEjrtRJFG_kGP7gwKh2jg3I8psww9K-hxBU3ntXi3T-aFD_o1vLNjcWtVJIYJxfHLDGsHFOJuOeyY4AQBgAbukNCc-5Gp6b0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjE2NzIzODcxMjcyOTAzMhj3gRA&sigh=Q55B2zbijqs&uach_m=[UACH]&cid=CAQSOwDUE5ymjdLyLguBRuL7SlL53RVjVWDLKS-y1JvaRHrlJfTr5xAo-wHhPMCP8WNj5jmtZ18O6e5CQ_4UGAE&tpd=AGWhJmuu33KFkzazzRc-dovF8leYSdXMC3zSnWJy3lWEse1k--eBxvjeWY39_CajP7_K4jv0FrI5Sh1RQ_0TiZEilKvkuKDjL0L685VWdYQnD9LsimlQ4TnPBTQui47rDBZ7RG68hvNj0GJ4toSsAYf1G33thoLU2qroj5yzaztNoGmdftbgXZN9vEF79ApglbWY2_y4A_A4avPyoEOKFtzL08hqaDIK981NdllQE75AkcTpZ0IBUaX09obcehMbEXb-sBRrytVSqU7ofyaJ6uKFQH4CvIyNH6h1kq4nBXFHcjKwuz6Ht7UPVYVJZxNIoxync4JkuvhibsHljnW3Mlh0isK53-va1lvdEtKdz9jV0MN2Bnj86YznOaot5Jhi-cy_6S7NmYRQTNQrp_EpepzvzGhNz_36d8ZBDC9y6c-qZcdDk73axwqLrzcUsIHT6nMSsWiL1in5-IzKMbGwDjRjAK583N9QLjRBzntcF274Cq5JbWRyWUD6Qg0lkie90Th2RLLy3YUDvC4dYn8ok6eGGa_dTO1QlUAxlMGu0gZc8qz-89Izs0uyLYBnZ4S7Bh2Czx9s2iJt1Wnc6cQdeq5t6JnZvjUkyVEbRFmHvNqAFPvJfV4MIX2IWdMq1shgv_ilOhLD9ajg64B4mjxCiu0swybTv-RoVVGRaeejJXQJZdbZbrJRrYE_YdBTIAt_8D0DW9GkDh1FezHaU5l4w24zPb15x6bHqNSfDpEoBTHqTZfPcN_7lBdnNBnzmCZqHPuxoorirIWZWx2Pqktb5xEBI0B5CZ8--UAtd6jbymPcfCNfYOuFPAapDgzyFpEi3njZ0UcLDS3gbU6fAzXgIsQ6MVvV-x3Ktfh4XU_Or4ZfGGy2Qj2CnoRJrEON4wiC7sJn50CJQoTE4LhyqQYetg7NL6N6M4L8H0iEYsX1F9l7G3Gj4qLJocVNDlu02_5JoLZOuUwLn6wFhA
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 placement.js Show response
displayf-tm.everesttech.net/feed/ Frame 40E8 23 KB
5 KB 67ms
62ms Script
text/plain 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Kxj2ilefT2dP544VKFNQ&site_id=naoDlBlH0O8G6nt8hTUu&rand=3119561323650651991&tm_auction_id=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&didtype=UNK&bi=B09NsxsXe0W_W5qLpiV796RiuWS-L-IeUzJndEcZAS501dop2yn7E0i52PVJzJi0JB0cfX-TJ-JHerzJK_s7di8J9RV5yJmtzd4Qe8m1o7xq8vELc-H__I0f3oI3wRee5AT9xMz1InD0JW8WnSLi5EJurlQ9iQoXdkE9W9qAZbLFuwyB3odmc5TMEHttw24jqULi6ox07UVn5AZWy6VBP9azhU4DO3iac2uRGL46IPznVDA1HJzl-iYtMX8sqHDO8_R&page_url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&seller_id=540353017&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&q=H4sIAAAAAAAAAGWRP0wTUQDGuTuwcjERSU1IB3MwGIre9b3evfYKA5a2tFjanr1SwO3-vCuPXu8ddwctsjG6mDASjc4aE-PI4uigO4txcTBxEEOMJkyCuPmNX_L7Dd83yn_9udef3Ht286SZKiZ-DfMz0a6PpQ6lHRcbPgkli_ZSJrFtHEh5W8fBDg6aeGsbh9H4--GJ0y8jU_HqYDNNXOy00raGFKVdXaw_mD4-OWTScccJyn6tTuF6B6mVSuE-6Lvq64-fX11fiK8Mlnc3d9e9NvJ2CprW2wq81QMmqtFHxHWNFJKAML1KPJv2Q6HeEiCQwJxwXmSUOWGQUZJC3vddvIrNKolSSM5KckaYrlZateW7gku6WChjq0uTQmEjoD2cghcCCSkqlCAAgm44RkD-cYeMYFlZpOQMJKezyMhC7GCcw4qtYscxTQisI-a2YUBgWsASbYQdUTGQJeawnBYzsmXZimIqNkQS_MbAq9-PE-Nxz6BFd8GtgIZazniRutFa2U7woeFR2r2YVWByQ3_zY_6UGUUKkJEMYPaMiS-V6qSkGhAttdsKbmpW7mFzn72Bow0aQiD6AbXFsOPLB-xYEJni5T2iQ4IweskOhyTCb9nYttf1aN87ZZP8_-T4lUto6posAVGv5zW90midsTF-BA98N9rnSvwI9bE3GHvxlElwerk4xa3oxeS7Ox_Edvh7fpYjPX_h1uL5tKVBhAPPcLWAWLjgkxqxAto4Z9e00cfc0CF3KTriJnhWL6dj5VKj0CiWZmO1_FptqV68x0w-n_GenH160_0DPTy0v5ACAAA*&click_url=https%3A%2F%2Fgoogle-bidout-jp-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApEWks1dWVyOHplHBbD0a3K6Kv--TcWr5mx4ZGjz5yuAQAcFrvX3afyvfDB0QEW48S8g8em7sTMAQAW-qqTvwwVBgAsHBUCABwVAgAcFQIAABwmroipgwQVBBUEJqyIqYMEFvKHqYMEJQIVAqYgFiAWIBYUFhQWFBYUFigAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAW9vahgAQWrL-6gAQWxqnZhgQWxKnZhgQVGBwU9AMU2AQAFQQmKBYoFigRNQ4mKAAsLBbH1oWh5fyh76sBFtXLpbvljM7NwwEAFvqqk78MBij29qGABBasv7qABBbEqdmGBBbGqdmGBBgKNDExODI1OTI0NRas_AIWKCUEFggYBjQ2MTAwMxUClozz9AURERgHY2NpLXNlYQx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUJZ29vZ2xlX29iGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAR0cnVlAKw4CnVvYi5jb20uc2cAAAA%26r%3D&uoo=0&tm_os_group=windows&tm_device_group=unknown
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: adobe /
Resource Hash: 10fb9113c1829bedb5df310a91cf3ccc9f275ef13392b1bd8dd197b7f624e5b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
via: 1.1 varnish
x-pt: P=1975 0=0
x-cache: MISS
x-region: Asia
x-served-by: cache-bkk2310023-BKK
server: adobe
x-timer: S1676831421.495998,VS0,VE32
x-failover: none
vary: Accept-Encoding, User-Agent
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 e.png
rtb-lb-event-adcloud-prod-ap-southeast-1-tm.everesttech.net/rtb/ Frame 40E8 85 B
236 B 108ms
6ms Image
image/png 122.248.197.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-lb-event-adcloud-prod-ap-southeast-1-tm.everesttech.net/rtb/e.png?e=win&aid=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&cp=2537431&slot=1&x_price=AAABhmrw8qPKKpuUMV9Yp9EW745ZSqkd7tJ3fg&ets=1676831421019&tz=Asia%2FSingapore&source=openx&fc=3&fci=1&country=SG&region=UNKNOWN&mc=48&ap=0&ut=0&vis=UNKNOWN&site=naoDlBlH0O8G6nt8hTUu&bp=20000&curr=SGD&exr=1.33728&fid=Kxj2ilefT2dP544VKFNQ&c=4118259245&ccurr=USD&cuxr=1.0&a=461003&ca=718694&st=DISPLAY%7CDISPLAY_AUTOPLAY&sh=250&sw=300&rid=-1&mp=143&psk=naoDlBlH0O8G6nt8hTUu&cfc=0&cfci=0&dur=-1&cityid=-1&metroid=-1&countryid=198&postalid=-1&duration=180&v=1&auth=9_wUoYl8c78pGQ1YdSd_R7dDj0Y&x_r=4R4PCQ
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 122.248.197.40 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-122-248-197-40.ap-southeast-1.compute.amazonaws.com
Software: adobe /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
x-pt: P=152 0=0
server: adobe
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

i Show response
ipds.adrta.com/ Frame 40E8
Redirect Chain

https://adrta.com/i?clid=opx&paid=sc&avid=537148859&caid=537350102&publisherId=540353017&plid=543894115&siteId=540353046&kv1=300x250&kv2=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&kv4=&kv5=16...
https://ipds.adrta.com/i?__x=GEHFIJKFGKHCJHEBHAIGMLKILILNMLMMLKHJM@FNNKOKGJGGHMEBQGKLLLHFMKFFEHJPNHCGLLKPJFKJHFKECHIMJIMHJJKNJNKFFEPH@HNMLMHIKGIHLF@ECG@G&clid=opx&paid=sc&avid=537148859&caid=537350...

43 B
182 B

283ms
207ms

Script
image/gif

35.160.42.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipds.adrta.com/i?__x=GEHFIJKFGKHCJHEBHAIGMLKILILNMLMMLKHJM@FNNKOKGJGGHMEBQGKLLLHFMKFFEHJPNHCGLLKPJFKJHFKECHIMJIMHJJKNJNKFFEPH@HNMLMHIKGIHLF@ECG@G&clid=opx&paid=sc&avid=537148859&caid=537350102&publisherId=540353017&plid=543894115&siteId=540353046&kv1=300x250&kv2=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&kv4=&kv5=1676831421&kv11=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15&lineItemId=543894114&kv15=sg&kv55=1.0,1!google.com,pub-6167238712729032,1,,,!openx.com,540353017,1,aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv63=&kv9=&kv13=&kv3=&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&kv7=41369f8c-6fd8-4c86-b8bb-fad81774416e&kv14=&kv16=1.28795&kv17=103.85178&kv12=540353047&kv18=&kv19=&kv23=&kv24=Desktop_Display&cb=558018
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 35.160.42.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-42-230.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=GEHFIJKFGKHCJHEBHAIGMLKILILNMLMMLKHJM@FNNKOKGJGGHMEBQGKLLLHFMKFFEHJPNHCGLLKPJFKJHFKECHIMJIMHJJKNJNKFFEPH@HNMLMHIKGIHLF@ECG@G&clid=opx&paid=sc&avid=537148859&caid=537350102&publisherId=540353017&plid=543894115&siteId=540353046&kv1=300x250&kv2=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&kv4=&kv5=1676831421&kv11=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15&lineItemId=543894114&kv15=sg&kv55=1.0,1!google.com,pub-6167238712729032,1,,,!openx.com,540353017,1,aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv63=&kv9=&kv13=&kv3=&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&kv7=41369f8c-6fd8-4c86-b8bb-fad81774416e&kv14=&kv16=1.28795&kv17=103.85178&kv12=540353047&kv18=&kv19=&kv23=&kv24=Desktop_Display&cb=558018
date: Sun, 19 Feb 2023 18:30:22 GMT
server: nginx
content-length: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 40E8 3 KB
1 KB 10ms
6ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 10:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 10:31:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 40E8 20 KB
8 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 08:31:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 40E8 0
0 227ms
224ms Image
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2aXFj8KbW3HZ5c7sq3vTw8tpFRUdnIV7p1XX7l8SD9QMQFEOFrV6J7lQU3y2v4XCnU-CIEa3untmd36YiQkWVODsslw
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 40E8 24 KB
7 KB 8ms
5ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 03:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 03:47:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40E8 156 KB
48 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H2 200 imp
statsf-tm.everesttech.net/stats/1/ Frame 40E8 85 B
161 B 289ms
286ms Image
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/imp?sessId=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&cpKey=ffrGpMNo1Yg58HHCJ0wl&mpKey=Kxj2ilefT2dP544VKFNQ&adKey=UxLyjyYnV5nvCPPmqrnW&psId=naoDlBlH0O8G6nt8hTUu&burl=https%3A%2F%2F980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&w=300&h=250&bi=B09NsxsXe0W_W5qLpiV796RiuWS-L-IeUzJndEcZAS501dop2yn7E0i52PVJzJi0JB0cfX-TJ-JHerzJK_s7di8J9RV5yJmtzd4Qe8m1o7xq8vELc-H__I0f3oI3wRee5AT9xMz1InD0JW8WnSLi5EJurlQ9iQoXdkE9W9qAZbLFuwyB3odmc5TMEHttw24jqULi6ox07UVn5AZWy6VBP9azhU4DO3iac2uRGL46IPznVDA1HJzl-iYtMX8sqHDO8_R&price=AAABhmrw8qPKKpuUMV9Yp9EW745ZSqkd7tJ3fg&PG=F&seller_id=540353017&campaignKey=IENiE8a15IVV4eRPc9ZR&bidderZone=ethos10-prod-sgp3&bidderGroup=rtb-bidder-first&env=site&conn=unknown&s=H4sIAAAAAAAAAAGwAE__e2eJQttcfxvbZTh59Nta7BZT71_9PDrvBYKd2fSHLXyE16sAQExK4Jxjr5d7GlhAHkCdyGOtK1ioCrWxesll_CdKRrgi0ZNDN-Pgp3vSDtPcMU5BkI0FA0AgkOl5CvzwQhTTb1t14kpQMkpSdFuJN3jc1QahDFyoil2jQjZj3CAdgtKGBy6papE9-AepVXLtsfW-PXPMbfLddMnucdY-BWkkv3GoNQTf947R955g05C7hAaRsAAAAA&date=1676831421020&auth=ee6a536d070fdc58acd297138aff73c6&vinst=t&rurl=https%3A%2F%2Fwww.sanook.com%2F&wd=1
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 varnish
x-pt: P=349
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: Asia
content-length: 85
x-served-by: cache-bkk2310023-BKK
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 UTC

GET
H2

200

/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 7FEE
Redirect Chain

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=2efddef489dd4be7a359f437e0483f8a&orig=video

0
229 B

5ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=2efddef489dd4be7a359f437e0483f8a&orig=video
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 3084

Redirect headers

location: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=2efddef489dd4be7a359f437e0483f8a&orig=video
date: Sun, 19 Feb 2023 18:30:22 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7FEE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad

0
93 B

5ms
4ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1676831422.560728,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-qpg1249-QPG

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 7FEE
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtabo...
https://x.bidswitch.net/sync?dsp_id=354&user_id=9543b93a204846a298066eac39268a26&ssp=taboola&bsw_param=91f5f182-b782-4407-985c-6593dbbf178e&gdpr=0&consent=&gdpr_pd=&expires=7
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e

0
229 B

16ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 3128

Redirect headers

Location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e
Date: Sun, 19 Feb 2023 18:30:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame B6EF 107 B
165 B 8ms
5ms Script
application/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B6EF 107 B
165 B 10ms
6ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B6EF 1020 KB
94 KB 78ms
78ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=971978167921208&correlator=2765932076244229&eid=31072020%2C31072520%2C44761478%2C31068367&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=178697795&sfv=1-0-40&sc=1&cookie=ID%3Dc2e0d5f2d7a4b4ce%3AT%3D1676831420%3AS%3DALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA&gpic=UID%3D00000bc64d7b8629%3AT%3D1676831420%3ART%3D1676831420%3AS%3DALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA&abxe=1&dt=1676831421507&lmt=1676831421&dlt=1676831421057&idt=251&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=t0oeubfk1bz7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&ref=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&top=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=435404951.1676831420&ga_sid=1676831422&ga_hid=1824241935&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c930e982e1df867181400882fafaaacfa88923b1bb20349936216ba9294f2140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96508
x-xss-protection: 0
google-lineitem-id: 5849485604
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373690262
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B6EF 15 KB
11 KB 19ms
9ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b692e56ac3161e2b290577aedba1f422f24b0e04fbddff61dd17beeb0dac694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11267
x-xss-protection: 0

GET
H2 200 container.html Show response
088c9d8089bfb08149a26301c057cbad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3686 6 KB
3 KB 12ms
4ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://088c9d8089bfb08149a26301c057cbad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: Mon, 19 Feb 2024 18:30:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 4 KB
2 KB 230ms
229ms Fetch
application/json 61.91.93.41
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22horoscope%22%2C%22entryId%22%3A%2273929%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-0dcb0f848029a84e4847.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

61.91.93.41 Nonthaburi, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-41.static.asianet.co.th

Software

nginx /

Resource Hash

f8a17c9ad722dde77941555c441240f2a6ede72dd6a1ee1c4e5ad17d2a34564f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
XPURGE: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 19 Feb 2023 18:30:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Server: nginx
Transfer-Encoding: chunked
X-Cache: BYPASS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Vary: Accept-Encoding, Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 225ms
33ms Preflight 61.91.93.41
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

61.91.93.41 Nonthaburi, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-41.static.asianet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,xpurge
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Sun, 19 Feb 2023 18:30:21 GMT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin
X-Cache: BYPASS

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame F003
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

281 B
410 B

9ms
4ms

Document
text/html

184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&cmcv=&pix=undefined&cb=1676831421391&uv=3255&tms=1676831421391&abt=ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=a6043947-43c5-4b7f-a933-fb2122c7611e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprsgmp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:21 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 19 Feb 2023 18:30:21 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
H3 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
122 B 6ms
6ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 7ms
6ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 406ms
404ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470658175133945&correlator=1943543183690701&eid=31072498%2C31072544&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Choroscope.sanook%2Cdesktop%2Creading%2Creadpage%2Ctower&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%7C240x400&ifi=5&adks=1635323504&didk=1425532729&sfv=1-0-40&prev_scp=category%3Dreading%2Chidden-content-date%2Chighlight-horoscope-super%2Cs-horoscope%26subcategory%3D12zodiac%26tags%3D%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C12%2520%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%258D%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B8%2593%25E0%25B9%258C%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B9%2580%25E0%25B8%258A%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%2C12%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%26partner%3Ds-horoscope%26entry_id%3D73929%26pwtverid%3D63%26pwtprofid%3D781%26pwtpubid%3D155976%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D160x600%26pwtecp%3D0.01%26pwtsid%3D657822f508d860c%26pwtpid%3Dpubmatic&eri=1&sc=1&cookie=ID%3Dc2e0d5f2d7a4b4ce%3AT%3D1676831420%3AS%3DALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA&gpic=UID%3D00000bc64d7b8629%3AT%3D1676831420%3ART%3D1676831420%3AS%3DALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA&abxe=1&dt=1676831421586&lmt=1676831421&dlt=1676831418468&idt=1955&adxs=1065&adys=2659&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AD37Y7sGfIseVwdIlZZxBekrRjyy_hkrX4_ecFelSkAI_tCMIntXNivvmE48V-QNN16rrs53wAjiUEVNgW_yCcMsu1-Z_pE942ymbTlyi49dfwvpJQ%2CAD37Y7tU0olguxS9FvADLGEe2bhr12SDBROwYqLN6QVa-z9JjFKAp3q3s6HsZAguWZV6XGPnbXU8H0XB8HktRkiaDMpdF0q0Gw5_YttB2TOm3DjZKQ%2CAD37Y7u4fK0KaTYX1s7nUXYIHgAIUClri9csqAcvbx9VBj-NSRNtQC8Ybq-jzGAg_q7XufJr2qLQ1YEMut3Sx_d7jG6yLT8pYlHR1CyAtZEDZVYk41pxNigH9es&ga_vid=435404951.1676831420&ga_sid=1676831421&ga_hid=1861498327&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a3343a334df6894a041aa15b28b84f4ec6cb819b1bdefc4df0e196438d3bc7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12056
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 246ms
246ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470658175133945&correlator=1941241122849059&eid=31072498%2C31072544&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Choroscope.sanook%2Cdesktop%2Creading%2Creadpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=6&adks=801534324&didk=3402878632&sfv=1-0-40&prev_scp=category%3Dreading%2Chidden-content-date%2Chighlight-horoscope-super%2Cs-horoscope%26subcategory%3D12zodiac%26tags%3D%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C12%2520%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%258D%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B8%2593%25E0%25B9%258C%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B9%2580%25E0%25B8%258A%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%2C12%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%26partner%3Ds-horoscope%26entry_id%3D73929&eri=1&sc=1&cookie=ID%3Dc2e0d5f2d7a4b4ce%3AT%3D1676831420%3AS%3DALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA&gpic=UID%3D00000bc64d7b8629%3AT%3D1676831420%3ART%3D1676831420%3AS%3DALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA&abxe=1&dt=1676831421602&lmt=1676831421&dlt=1676831418468&idt=1955&adxs=235&adys=1163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&psts=AD37Y7sGfIseVwdIlZZxBekrRjyy_hkrX4_ecFelSkAI_tCMIntXNivvmE48V-QNN16rrs53wAjiUEVNgW_yCcMsu1-Z_pE942ymbTlyi49dfwvpJQ%2CAD37Y7tU0olguxS9FvADLGEe2bhr12SDBROwYqLN6QVa-z9JjFKAp3q3s6HsZAguWZV6XGPnbXU8H0XB8HktRkiaDMpdF0q0Gw5_YttB2TOm3DjZKQ%2CAD37Y7u4fK0KaTYX1s7nUXYIHgAIUClri9csqAcvbx9VBj-NSRNtQC8Ybq-jzGAg_q7XufJr2qLQ1YEMut3Sx_d7jG6yLT8pYlHR1CyAtZEDZVYk41pxNigH9es&ga_vid=435404951.1676831420&ga_sid=1676831421&ga_hid=1861498327&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7bc64bf10ff708e306570a1cb92f8c3eaa4a0458e9a140c9a0f7dd769d3809d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10003
x-xss-protection: 0
google-lineitem-id: 6130918536
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407608043
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 413ms
412ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1470658175133945&correlator=1006863144337891&eid=31072498%2C31072544&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Choroscope.sanook%2Cdesktop%2Creading%2Creadpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=7&adks=1277783336&didk=4218483588&sfv=1-0-40&prev_scp=category%3Dreading%2Chidden-content-date%2Chighlight-horoscope-super%2Cs-horoscope%26subcategory%3D12zodiac%26tags%3D%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B8%25AB%25E0%25B8%25A1%25E0%25B8%25B2%25E0%25B8%25A2%25E0%25B8%2582%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C12%2520%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%2C%25E0%25B8%25AA%25E0%25B8%25B1%25E0%25B8%258D%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B8%2593%25E0%25B9%258C%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%2C%25E0%25B8%2594%25E0%25B8%25AD%25E0%25B8%2581%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B9%2589%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2588%25E0%25B8%25B3%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B4%25E0%25B8%2594%2C%25E0%25B8%2584%25E0%25B8%25A7%25E0%25B8%25B2%25E0%25B8%25A1%25E0%25B9%2580%25E0%25B8%258A%25E0%25B8%25B7%25E0%25B9%2588%25E0%25B8%25AD%2C12%25E0%25B8%25A3%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%25B5%26partner%3Ds-horoscope%26entry_id%3D73929&eri=1&sc=1&cookie=ID%3Dc2e0d5f2d7a4b4ce%3AT%3D1676831420%3AS%3DALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA&gpic=UID%3D00000bc64d7b8629%3AT%3D1676831420%3ART%3D1676831420%3AS%3DALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA&abxe=1&dt=1676831421633&lmt=1676831421&dlt=1676831418468&idt=1955&adxs=1065&adys=649&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AD37Y7sGfIseVwdIlZZxBekrRjyy_hkrX4_ecFelSkAI_tCMIntXNivvmE48V-QNN16rrs53wAjiUEVNgW_yCcMsu1-Z_pE942ymbTlyi49dfwvpJQ%2CAD37Y7tU0olguxS9FvADLGEe2bhr12SDBROwYqLN6QVa-z9JjFKAp3q3s6HsZAguWZV6XGPnbXU8H0XB8HktRkiaDMpdF0q0Gw5_YttB2TOm3DjZKQ%2CAD37Y7u4fK0KaTYX1s7nUXYIHgAIUClri9csqAcvbx9VBj-NSRNtQC8Ybq-jzGAg_q7XufJr2qLQ1YEMut3Sx_d7jG6yLT8pYlHR1CyAtZEDZVYk41pxNigH9es&ga_vid=435404951.1676831420&ga_sid=1676831421&ga_hid=1861498327&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d4e55873fe47cf364cdf7a03c2f92387058ff27ec64db046985867e0ff6bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
google-lineitem-id: 6132264643
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138408225448
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FEF7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 754ce5f8019cf9b80ca86fb03803eb46d228e15255cd4543ee5d8505bf4d7be5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0B3F 52 KB
17 KB 23ms
7ms Document
text/html 104.65.228.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.195 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-195.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 19 Feb 2023 18:30:21 GMT
ETag: "623de86a-cf34"
Expires: Mon, 20 Feb 2023 18:30:23 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 324E 281 B
410 B 4ms
4ms Document
text/html 184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:21 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5730 52 KB
17 KB 19ms
6ms Document
text/html 104.65.228.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.195 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-195.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 19 Feb 2023 18:30:21 GMT
ETag: "623de86a-cf34"
Expires: Mon, 20 Feb 2023 18:30:23 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_5_5/infra/ 739 KB
124 KB 28ms
3ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_5_5/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 88e3e3bfcf232e93c3de77cb2f644801a7e812b8b933ae6bdece0a5b031dba7d

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1676528451
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: GV6YDK4246BYVH40
age: 302820
x-cache: HIT
x-amz-meta-ctime: 1676528452
x-amz-meta-mode: 33188
content-length: 126619
x-amz-id-2: YSwqxcLQj0jAFbqx9guayiKOS7rVk0c7/mI6QjBulO8HfUmkb46DcDQvs7rmSAoE+S59jMastfg=
x-served-by: cache-qpg1267-QPG
last-modified: Thu, 16 Feb 2023 06:20:53 GMT
server: AmazonS3-br
x-timer: S1676831422.689029,VS0,VE0
etag: "4cb47e7c3ee358bc96c1d2eab1c03e29"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 84885

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_5_5/assets/css/ 59 KB
8 KB 5ms
3ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_5_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1676528501
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: WAA5AE0BMCH5P0JJ
age: 302821
x-cache: HIT
x-amz-meta-ctime: 1676528502
x-amz-meta-mode: 33188
content-length: 7742
x-amz-id-2: 8VqQeQnmcy1TMT77dK0DGw3SwChKSplgyNUslYeY0lQoRImbCxlL2En4HB8Q9/JaiD7xC5eO7jI=
x-served-by: cache-qpg1249-QPG
last-modified: Thu, 16 Feb 2023 06:21:43 GMT
server: AmazonS3-br
x-timer: S1676831422.664839,VS0,VE0
etag: "910667a2fde737fb00f85f576307d7c1"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 544171

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame F003 33 KB
10 KB 7ms
3ms Script
text/html 184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 91ca25df885bd981eeae4ea03d889d85de8a71b58990610cf08e2ebd55b8c37a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
last-modified: Sun, 19 Feb 2023 08:05:42 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=48894
content-length: 10006
expires: Mon, 20 Feb 2023 08:05:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D88 0
0 8ms
8ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoM0kBOc0H0pRLiWnbbQ4pTZ0wIaVDpoHMW3p07UYfTBJe6cdWGJJYs3yGN6ydheMgGLQuRIrPjzUoY7Rp9INrKzcKZNPJSzuWJ5soyKSqmZfXzfrPr6eN5a7IioQUJRGu4X2VHYb-quU8fdYecQ9tU9kuSKJFMdYuTcS0B85dwHYobwTNhYC0z81KU9W9IjxGJ57jSxjkVPk0x40exSgfGob37oCWY5ZsorVNfc7mjeQswYXr5OLt2arci0GJSkrjMN0qZgO1jDbENzGGOHZmqi8lvUJwl9AvFbXijdRBuKjairi_jCUTqn_otWyFxApC_CIl490&sai=AMfl-YRXYHAHe1oPvlu3PMP3e7XQKjdq45IfqJ4kS8tI0gR5-38O7YBsSg8zqGhpfs2zmBeJSnuOKKayX9C6vl71OL2dmkF7gSDFXd6GP5-IgeAhfEd0hv6ieyaZw57yJmI&sig=Cg0ArKJSzCroV4h1GkRwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 0D88 85 KB
30 KB 9ms
4ms Script
text/javascript 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 06:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 06:41:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D88 156 KB
48 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B6EF 17 KB
6 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 324E 33 KB
10 KB 4ms
4ms Script
text/html 184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 91ca25df885bd981eeae4ea03d889d85de8a71b58990610cf08e2ebd55b8c37a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
last-modified: Sun, 19 Feb 2023 08:05:42 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=48894
content-length: 10006
expires: Mon, 20 Feb 2023 08:05:15 GMT

POST
H2 204 bulk Show response
trc.taboola.com/sanook/log/3/ 0
275 B 16ms
15ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sanook/log/3/bulk?route=HK%3ASG%3AV&lti=display-desktop1_var&bulkSize=6
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:21 GMT
via: 1.1 varnish
x-served-by: cache-qpg1249-QPG
server: nginx
x-timer: S1676831422.893822,VS0,VE8
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.sanook.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 pd Show response
jp-u.openx.net/w/1.0/ Frame 62CC 943 B
517 B 8ms
7ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7b9d9b6969f32648bc154740b6ab658af1963f7a1172cb3345c67026d981fb19

Request headers

Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 498
content-type: text/html
date: Sun, 19 Feb 2023 18:30:21 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5730 0
863 B 186ms
186ms Script
text/html 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
AN-X-Request-Uuid: 15b0ddf5-6abf-41e6-bd06-4616d25d627b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5782 0
0 12ms
11ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVhGBPa_YB_ccqJbDEjBwh1M2WwX7HkIAnu8Ylc5Dz_nGYtxolEjN0WXfWeY-b9Adm0VXz1Pchiet-VjWNIyGsI9Wh8_IwijU_nSvVhHroz6AUPAmwhxMRxJr0D26k2Iz8FPqAkfCYPRLOprhk5UVhtyjwI6N1SK3HxBQwpR5V62VuBFTJtl303QJr6hBesmRpfyXEISu1wSNuCd4jqZRFuFsbzg8hasgZlkBJFqH0gXzZQuC4LcAJecHOXugiBxcvaDS-0HwmgiApR2f3WCA2ITDxZ6IIoDMcp55jUN5o6m0SHsUJUlMpA7ac_7sz1Lpk2BlbYNkuCMe0_VtsINqcWfFS8Mu3Bk16OyjPhvCOFOOs6B7-&sai=AMfl-YQzw6UZMDUxBw6ZmSMhgDsrCGhc9cQsJXZ7W_ztmqUzQLJkFcWXE5h3HycrSt8LnSwKqZ1kr4t_J-iEBcYj6SENreCmi42H2eJbJ4CMtsbeiq3fT5LG6v8BrdM9WMw&sig=Cg0ArKJSzFeI4A6kHfsYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5782 76 KB
26 KB 11ms
9ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27bc7c9ca5cd564a5ff5b6099e48c8b40b872003f6ca8cb96384e33cf4d52f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26546
x-xss-protection: 0
server: sffe
etag: "1487 / 113 of 1000 / last-modified: 1676675218"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5782 156 KB
48 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0B3F 0
863 B 234ms
232ms Script
text/html 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
AN-X-Request-Uuid: 4c7db68f-f762-40d6-8b42-ef53598eb99b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame F003
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LEBQ4TFN-V-CH0S
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---

0
186 B

6ms
5ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1676831422.141424,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-qpg1249-QPG

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
Expires: 0

GET
H2 200 displayproxy-20201012.js Show response
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame DF77 17 KB
6 KB 438ms
38ms Script
text/javascript 117.18.232.64
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1
Requested by: Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Kxj2ilefT2dP544VKFNQ&site_id=naoDlBlH0O8G6nt8hTUu&rand=3119561323650651991&tm_auction_id=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&didtype=UNK&bi=B09NsxsXe0W_W5qLpiV796RiuWS-L-IeUzJndEcZAS501dop2yn7E0i52PVJzJi0JB0cfX-TJ-JHerzJK_s7di8J9RV5yJmtzd4Qe8m1o7xq8vELc-H__I0f3oI3wRee5AT9xMz1InD0JW8WnSLi5EJurlQ9iQoXdkE9W9qAZbLFuwyB3odmc5TMEHttw24jqULi6ox07UVn5AZWy6VBP9azhU4DO3iac2uRGL46IPznVDA1HJzl-iYtMX8sqHDO8_R&page_url=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&seller_id=540353017&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&q=H4sIAAAAAAAAAGWRP0wTUQDGuTuwcjERSU1IB3MwGIre9b3evfYKA5a2tFjanr1SwO3-vCuPXu8ddwctsjG6mDASjc4aE-PI4uigO4txcTBxEEOMJkyCuPmNX_L7Dd83yn_9udef3Ht286SZKiZ-DfMz0a6PpQ6lHRcbPgkli_ZSJrFtHEh5W8fBDg6aeGsbh9H4--GJ0y8jU_HqYDNNXOy00raGFKVdXaw_mD4-OWTScccJyn6tTuF6B6mVSuE-6Lvq64-fX11fiK8Mlnc3d9e9NvJ2CprW2wq81QMmqtFHxHWNFJKAML1KPJv2Q6HeEiCQwJxwXmSUOWGQUZJC3vddvIrNKolSSM5KckaYrlZateW7gku6WChjq0uTQmEjoD2cghcCCSkqlCAAgm44RkD-cYeMYFlZpOQMJKezyMhC7GCcw4qtYscxTQisI-a2YUBgWsASbYQdUTGQJeawnBYzsmXZimIqNkQS_MbAq9-PE-Nxz6BFd8GtgIZazniRutFa2U7woeFR2r2YVWByQ3_zY_6UGUUKkJEMYPaMiS-V6qSkGhAttdsKbmpW7mFzn72Bow0aQiD6AbXFsOPLB-xYEJni5T2iQ4IweskOhyTCb9nYttf1aN87ZZP8_-T4lUto6posAVGv5zW90midsTF-BA98N9rnSvwI9bE3GHvxlElwerk4xa3oxeS7Ox_Edvh7fpYjPX_h1uL5tKVBhAPPcLWAWLjgkxqxAto4Z9e00cfc0CF3KTriJnhWL6dj5VKj0CiWZmO1_FptqV68x0w-n_GenH160_0DPTy0v5ACAAA*&click_url=https%3A%2F%2Fgoogle-bidout-jp-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApEWks1dWVyOHplHBbD0a3K6Kv--TcWr5mx4ZGjz5yuAQAcFrvX3afyvfDB0QEW48S8g8em7sTMAQAW-qqTvwwVBgAsHBUCABwVAgAcFQIAABwmroipgwQVBBUEJqyIqYMEFvKHqYMEJQIVAqYgFiAWIBYUFhQWFBYUFigAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAW9vahgAQWrL-6gAQWxqnZhgQWxKnZhgQVGBwU9AMU2AQAFQQmKBYoFigRNQ4mKAAsLBbH1oWh5fyh76sBFtXLpbvljM7NwwEAFvqqk78MBij29qGABBasv7qABBbEqdmGBBbGqdmGBBgKNDExODI1OTI0NRas_AIWKCUEFggYBjQ2MTAwMxUClozz9AURERgHY2NpLXNlYQx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUJZ29vZ2xlX29iGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAR0cnVlAKw4CnVvYi5jb20uc2cAAAA%26r%3D&uoo=0&tm_os_group=windows&tm_device_group=unknown
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.232.64 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (hkc/BD51) /
Resource Hash: 848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 21:43:55 GMT
server: ECAcc (hkc/BD51)
age: 69251
etag: "261452876"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5891
expires: Mon, 20 Feb 2023 18:30:22 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 62CC
Redirect Chain

https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://us-u.openx.net/w/1.0/sd?id=537072979&val=BkkwXAyr1PtOs55

43 B
61 B

9ms
6ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072979&val=BkkwXAyr1PtOs55
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-03b21858210cde1c8@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location: https://us-u.openx.net/w/1.0/sd?id=537072979&val=BkkwXAyr1PtOs55
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 62CC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-JqvQAGoQzDdQBh

43 B
61 B

10ms
7ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-JqvQAGoQzDdQBh
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-bkk2310023-BKK
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676831422.030150,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-JqvQAGoQzDdQBh
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 openx
tr.blismedia.com/v1/api/sync/ Frame 62CC 0
173 B 23ms
6ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/openx
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 62CC
Redirect Chain

https://bk.r-ad.ne.jp/3/cs
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=531IUM00aBDAY008jXiz

43 B
61 B

8ms
8ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537097918&val=531IUM00aBDAY008jXiz
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //jp-u.openx.net/w/1.0/sd?id=537097918&val=531IUM00aBDAY008jXiz
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H/1.1 200
OK pxd
dps.jp.cinarra.com/ Frame 62CC 95 B
220 B 419ms
82ms Image
image/png 13.115.197.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=df076a92-a78d-c100-67d5-0e0672cdad7d
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.197.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-197-76.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:22 GMT
Connection: keep-alive
Content-Length: 95
Content-Type: image/png

GET
H2 200 2d7291d6-29f4-a905-5c0a-aaa71e06dfca
pr-bh.ybp.yahoo.com/sync/openx/ Frame 62CC 43 B
601 B 18ms
8ms Image
image/gif 2406:da18:929:5a00:7360:21f2:1e24:ce6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/2d7291d6-29f4-a905-5c0a-aaa71e06dfca?gdpr=0

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a00:7360:21f2:1e24:ce6 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET openx
cs.nex8.net/cs/ Frame 62CC 0
0

GET
H2

200

dds
rtb.openx.net/sync/ Frame 62CC
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ZuN9rhDegmKLqfDlMkgoOQ==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

7ms
7ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: resq96kc4abpm43tugemrg00jo054kgl

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 62CC 43 B
243 B 559ms
186ms Image
image/gif 220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 62CC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=bfff63f2-6abd-4100-a7ca-a4b3189e2292

43 B
61 B

8ms
8ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=bfff63f2-6abd-4100-a7ca-a4b3189e2292
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=41369f8c-6fd8-4c86-b8bb-fad81774416e
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 19 Feb 2023 18:30:22 GMT
Server: MT3 475 4bd2ccd master hkg-pixel-x6 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=bfff63f2-6abd-4100-a7ca-a4b3189e2292
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 19 Feb 2023 18:30:21 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.0.4/ 439 KB
84 KB 4ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_5_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8401217f2ac37f85a2c5980f84dfe1ce2476a5ce0f3f8b83ae89aeb01d86603e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-mtime: 1676714769
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 73Z54TECFS62Y16C
age: 116607
x-cache: HIT
x-amz-meta-ctime: 1676714781
x-amz-meta-mode: 33188
content-length: 85345
x-amz-id-2: RWXkA2Z9h6NbJsRjyLct9VewnHEU5I0oFoPuuHe95DSMZrsmiTm/MnEYqc3mv7vZ9tlMshazkDE=
x-served-by: cache-qpg1249-QPG
last-modified: Sat, 18 Feb 2023 10:06:22 GMT
server: AmazonS3-br
x-timer: S1676831422.115634,VS0,VE0
etag: "e705beca3d2c3ef7c6bf2ffbac87db94"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 80873

GET
H2 200 sync Show response
sg-match.taboola.com/ Frame 7287 692 B
777 B 6ms
5ms Document
text/html 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_5_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e204e1f437a4ed189d1d242d5a38f101aa086b88d2fd69b364ce63d5ab000dd1

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 19 Feb 2023 18:30:22 GMT
machineid: 3302
server: nginx

GET
H3 200 container.html Show response
980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73CA 6 KB
3 KB 6ms
5ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:20 GMT
expires: Mon, 19 Feb 2024 18:30:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9903 13 KB
5 KB 7ms
5ms Document
text/html 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 19460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 13:06:02 GMT
expires: Mon, 19 Feb 2024 13:06:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 34C3 783 B
535 B 23ms
17ms Document
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aba5389a7446e54e1cbef6eee9b589562f26982a445f97ba69a65efa50480aa8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vFliWK4iHqF51OLdb1mH-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vFliWK4iHqF51OLdb1mH-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:22 GMT
expires: Sun, 19 Feb 2023 18:30:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 019F 0
0 15ms
14ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoJKoCb0wDZqe_93Aqzt2Lm16f1VDhyNW_GsaeY1XW82Z6hF4KjTdlgMJzR7tDODE9gC5S7cgSuR_uC3C-i6uF66_Q516NpLbQqrTAq4Mnm4VdKKQhFNEC8A9p5hKSUlhGVJxAZ3Ob0E4Kapk0CfUUTlT4W9pqRfe97AxdVmm0mTZPKtdeVlKQFdcFDAgGcBWe5SOAVGXs4iSiODJsSWb0I_zOW5bVv-kP1TdDoRJrBIgNPvhPubN5VwerBrBXEgEbxtYQfcyFoaahfsCg2wdY3zaoD9ZYN0R5m7PiKVoroWN263da1rW8E0ynN3QgTNs1IbHYrjWgi7BDc5-xTuhdAsAYuMhw790P-_1o600&sai=AMfl-YTPtfNwHOTc6dtFfDvXdi9M_lMIIoAp0fHmBk79rJq6MJkwHuTYgbHUSyaWpXqXcmoVn7UHaYAiNwAhnHK9g3J8u9cXwyhfkrqEsnFtnx-HPm1WZ7g_LzGBMC-Xcr0&sig=Cg0ArKJSzMDgubv-31DJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 019F 76 KB
26 KB 13ms
12ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c87f89709d7e67e66fea5de8c363a18c4a0825d5bf7fcb015cf462016295d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26543
x-xss-protection: 0
server: sffe
etag: "1487 / 860 of 1000 / last-modified: 1676675148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 019F 156 KB
48 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 7ms
5ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.sanook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: SIN2-P2
age: 330740
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-qpg1249-QPG
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1676831422.208308,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: t1LsCurb3RdVy_xOkN36z-5GwDbHGxThSyUuj5DSQ0g43EJkdV9FGw==
x-cache-hits: 214634

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F003
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H3GlBv_nSe6Njy3rn8yZyQ&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H3GlBv_nSe6Njy3rn8yZyQ&gdpr=0

43 B
479 B

257ms
256ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H3GlBv_nSe6Njy3rn8yZyQ&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R8ZC7RCVS4F44JH5Z2G5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H3GlBv_nSe6Njy3rn8yZyQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F003
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/4yoCO4ppH9D-7W-n2XzAEA?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-D628KMxE2oI5T2CAKXM0yEQOTfvkUffLSEHxuA--~A

42 B
702 B

6ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-D628KMxE2oI5T2CAKXM0yEQOTfvkUffLSEHxuA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-D628KMxE2oI5T2CAKXM0yEQOTfvkUffLSEHxuA--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F003
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v6DuDuhIQteW8d40oljZQw&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v6DuDuhIQteW8d40oljZQw&gdpr=0

43 B
479 B

195ms
194ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v6DuDuhIQteW8d40oljZQw&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X8EGFBYF8XBVEVB2XD01
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v6DuDuhIQteW8d40oljZQw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F003
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=&expires=30

42 B
702 B

4ms
4ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f91d4e2a-9548-4c26-a952-3061050615ad&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F003
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMS-ACrlHy3-LXG0uAaSK7s&google_cver=1

42 B
702 B

10ms
4ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMS-ACrlHy3-LXG0uAaSK7s&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMS-ACrlHy3-LXG0uAaSK7s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F003
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---

0
515 B

268ms
249ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 069DC85D90F740ABB05F276AC77D62AB Ref B: SIN30EDGE0416 Ref C: 2023-02-19T18:30:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1Eb1Inc3bbZMEWi9XZw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEBQ4TFN-V-CH0S&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F003
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGYzZTc0NDU0N2I0OGFlMDljOGI5OTZiMWE4YTBkMDVhMzY3OTcyZg&gdpr=0&us_privacy=1---

170 B
188 B

9ms
7ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGYzZTc0NDU0N2I0OGFlMDljOGI5OTZiMWE4YTBkMDVhMzY3OTcyZg&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGYzZTc0NDU0N2I0OGFlMDljOGI5OTZiMWE4YTBkMDVhMzY3OTcyZg&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F003
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVCUTRURk4tVi1DSDBT&gdpr=0&us_privacy=1---

170 B
188 B

11ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVCUTRURk4tVi1DSDBT&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVCUTRURk4tVi1DSDBT&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/ Frame 7287
Redirect Chain

https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us...
https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5bf7b829b02942ae9d716a9703c85849&orig=video

0
229 B

4ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5bf7b829b02942ae9d716a9703c85849&orig=video
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 3136

Redirect headers

location: https://sync-t1.taboola.com/sg/telaria-rtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&taboola_hm=5bf7b829b02942ae9d716a9703c85849&orig=video
date: Sun, 19 Feb 2023 18:30:22 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 7287
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wsAbU6hE2uGikW0lm0iMi6pxHdFDOLG7iGB1Lmk-~A

0
229 B

17ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wsAbU6hE2uGikW0lm0iMi6pxHdFDOLG7iGB1Lmk-~A
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 3205

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-wsAbU6hE2uGikW0lm0iMi6pxHdFDOLG7iGB1Lmk-~A
date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D88 0
0 7ms
7ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfTFUMxsyMyeP3q_q5Dm4VkFVsGtP0pqORiWgjmb0YuRnWh83PPwyK0gynmSh9YVmJgQZzp37JlU8FTTDXAIvFZW1oN4PdRc7rBIX2rjXLt6i_RriepmgTFanIKMW9E-17GlA_-g0HNOTMrINdDY4y68bpdAtlCw4ELQJJisgwmx_XP2KBiH6OUr1Asube8Gun_MFJmBUQP4GZXl0Me-3qKpAE57PNXWgQ8JUAQz4ce5wJGG7NiQ2ZK3vMFx_KaO4alMCdVcalNC6SbPythhEdy9ebO5MCoPcHBEWUsdPWVXFgS_F2-zG4H0Ly2tnjt_jLm4dF9_74yA&sai=AMfl-YSL8g_1bz_KDur5s-nX-iDhpGDQ6dlyVMDk3gTBdpzkSxs18eZ8PHvWhjev8oQLCW_i9CEdoH5yjntdGCzBPtJsr5UDmY3umxbtDsCGsiPfDw5WGtc9WLbMLTwZvlY&sig=Cg0ArKJSzIsFc81UTY-IEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H3 200 pubads_impl_2023021501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5782 383 KB
129 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21383a108fc0f4840b90610def8622f8af1fde2c2833693d61a1f91c075d25d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 13:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132205
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 09:35:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 13:40:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 5782 6 KB
948 B 9ms
9ms XHR
application/json 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5344afc6c83831275918591131fb80d4f1f89ace1ac721018e5aa4e67d5c106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame DCF9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

281 B
410 B

5ms
3ms

Document
text/html

184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sg-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:22 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 19 Feb 2023 18:30:22 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
H2 200 bridge3.556.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2083 694 KB
222 KB 6ms
5ms Document
text/html 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.556.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d2d82139509245ce71581a4109da21a8e531ec4744b6a0d53f5fbef9e5a8506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 26506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227471
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 11:08:36 GMT
expires: Mon, 19 Feb 2024 11:08:36 GMT
last-modified: Mon, 13 Feb 2023 14:26:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D660 44 KB
17 KB 17ms
6ms Script
text/javascript 2404:6800:4003:c05::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 73CA 0
0 17ms
16ms Fetch
text/html 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6ScavWryY62NJpeD9fwP8fuJ2Aa91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCeACAKgDAaoEiwJP0EesDVjZo95eoSs03ZumXOxMZNPRLl-nCVXz7_B23C-IuO136qY58OXTv85xYJ0I6T30TnlCOHDHMXWkYpjfINwb3Ciw_tqBQfwwcxYueO_tsy7IQxhQJaINDinEBc50som5M0TRmW1YudBCZrKP5AsL82M_USP983ubm6TwXf0TU0JqbgBiA2-VRDt0x-S-j6PRnu36oD8nZwZ-Nu5hA6hhYSbBqtl4ed4tIv9o-4hiryGXjr88XjUsbWdr6cO3FInOgpoUsQKtvHLOon24ZRccxAFsqHE0z3AaT2gu7txEwR5Y0raepJ6OA_KWy8o-I7WirYfZBEDWl9LgVRHeY_R7QQo2D3yemoHgBAGABqrO7rWinp-JNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTYxNjcyMzg3MTI3MjkwMzIY94EQ&sigh=wVFJegTpFiM&uach_m=[UACH]&cid=CAQSPADUE5ymyL0iNens1DKQe-4-X8Lm8bHf5wUtC5OSYQwRZFh0UbASqwdmfkdUPNlq4mNL78vTX8M_sMNiRhgB
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 73CA 0
0 542ms
180ms Fetch 2406:2600:4::13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k7n3FYbIC6wC2ATgvNldAgAAAFjA2zP9ES_EQ9ZygrI_TfEQvGryY66Cyq4NWPy-wPBKABIAAAoOQVFVRERRWUJEUUVCRFE&wp=Y_JqvQAJhq0JnUGXAAJ98SBQFgJrsNxLmIvNjg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 161653
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 7833 52 KB
20 KB 24ms
8ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y_JqvQAJhq0JnUGXAAJ98SBQFgJrsNxLmIvNjg&u=%7CVsO%2Ft9BgOqjUwQKhzQtqTR49YbkJ7rt84p0OVHezfsg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORav6XsKrfZypYKuspo5MklQJGJaQ5D3HuutBNk8kyd6S3Mda_41sNkH0TkLrN0YzQ86-SZNzXUXEMg3aREKNw_z_XgGm8q5vSpAJ2NqYIydHv8KGkiX_gy3l8FyoR5fKTib0VVn4JIhf3MwTkHK_GIQjoXlnRo8nMwjGJM2lIQHUSoHQJBLMx4v2936XWo5cm_1TDswhZLVNzXvL6I0Ur5d5T2wvx9-U7n9OM4qG701J4EOn7AvApRZ3oY4l6MNZTl4z8-n851CaedUH3n1Cgt9SF-QC2YlR2hD_6IBo7hiTbWnjwhjBBm-NBwSaxpFqmLe8ubZrcRjo6zorH8ncV58Q2agTHZhmifN5clVye9pQ9ioFEDjo2Aq8O67MmfF-MSWv4Btt8_R5fb-ZTd4oEHvz-kBiom9oFlEqDK8WrYCY2tPabEgAVpkhbh1bKMvd0oJNs1uMCUwhMCFPUxwpZfxGtgWr2qg56nWgC0sxRSm5U38VxPrqnuw1inak1LTlo42J6xkEppMYMP1Q2vItC_Wc-ah3HEO8wz1vpsjbApktePgUJu6ExxSf3CbzFH5Kf9s1qM1I1G-wN-tDZkmXLP9nRT0Ahnqspo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnlefvWryY62NJpeD9fwP8fuJ2Aa91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCeACAKgDAaoEjgJP0EesDVjZo95eoSs03ZumXOxMZNPRLl-nCVXz7_B23C-IuO136qY58OXTv85xYJ0I6T30TnlCOHDHMXWkYpjfINwb3Ciw_tqBQfwwcxYueO_tsy7IQxhQJaINDinEBc50som5M0TRmW1YudBCZrKP5AsL82M_USP983ubm6TwXf0TU0JqbgBiA2-VRDt0x-S-j6PRnu36oD8nZwZ-Nu5hA6hhYSbBqtl4ed4tIv9o-4hiryGXjr88XjUsbWdr6cO3FInOgpoUsQKtvHLOon24ZRccxAFsqHE0z3AaT2gu7txEwR5YkLS_Nh9FrpxsZreP85oXVc3ODrXfucpw8tnx1gbEXyYujJIr9HsVaKPgBAGABqrO7rWinp-JNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ppPFNVKp8nDu71YfJBRSH_VwnbA%26client%3Dca-pub-6167238712729032%26adurl%3D

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

ecc867644f6abdf7fecdfe9acbeb274d6608cce808b81b32fd5abd60404918eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=QyibnMCBfL_rThrgt_xdPTt9d7r0pcYVLR98YhOn8Q-FFDp1HOShh4Ta4_mvOdlczfHCdAWembhxfnnhLpIhEIKiDg86Ks7d7-R83DD6jWhYEx2JN31B92uTT2FCAWTaQNNh-G8PgK3NEvIj7A6TVidtDCkBrqD_GOX-1nN2WtsvTamldZRPTkOwtmTnWcRq1-MVVLdll39NTBlrjxzzayAqxB1pbkjPUOTnfKEn2jFkrsGcgJ-T1MbY7wy_4lZ8Yb2f4kzv3xlKe2T-"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3968339
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 73CA 3 KB
1 KB 7ms
4ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 10:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 10:31:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4F9B 1 KB
643 B 7ms
5ms Document
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 83804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 19:13:38 GMT
etag: 48472445140208031
expires: Sun, 19 Feb 2023 19:13:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 73CA 20 KB
8 KB 7ms
4ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 08:31:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 73CA 0
0 47ms
44ms Image
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpMZy-qqW-_t5iPLlCY7O8ujIDKtXOBYm8ObSxNaKujWSZVQtyR3cf53ne-G1KH9MDVEKJXYbYw_pScagEZs8OG_8wsA
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 73CA 24 KB
6 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 03:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 03:47:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73CA 156 KB
48 KB 11ms
9ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
DATA 200
OK truncated
/ Frame 5782 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ef9ec8bde35370d422e519ae19e2df882506ed0985e1ff3cd2574c2066bdfb0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEF7 0
0 8ms
8ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-Q-SOvqDvpm9XgkkhQz15-7or3LM2Hj_ogfUC1MKDcFySH7XFib_6jdi4XOYQxqh03IOSzSBGKUpSeeHPP7apXABbdQC4OXSc2Ugfnv9LTRRfwWgs1YKAE7KNRJBkjKIyfHCtabUrPbbRkl78q2jfk8nx0BFC7ny-XAkyry5y3O2oroUyu3p57LjHsAAubYp1jQhfzwehuk_2tWwxS01Kzajh7x5_54Fw3DoHRuhPR9zEvMLptdnBmYI5pJ7z5fD3tXoa4Hj9S8-uUkm38cESDLwrQA1e3aSRGYxgT67Qqzzz7GGKbkkftrNeUkudAedI_-TOhe2KVFhyTH94le2OP_dYmYGHSyPuraQXz2uTs8msIz1e&sai=AMfl-YSczroGqlOk2q_shex0YFs2Rqa3_8yUYuIhMPKEJ6owxAW5C8ExyEZU8ex-l7l2XCSgkfGI9RKQoPVxoB5OpYtbgRrsa_0jQt4eyvISPAZSSIVnlEVeMI6mNPxefJ0&sig=Cg0ArKJSzGlxEGFiwMbbEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 12ms
12ms Image
image/gif 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=10.958106001020226

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-XXsus05QSRqQeMJRyGJprg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-XXsus05QSRqQeMJRyGJprg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 14ms
14ms Image
image/gif 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.774775165096877

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-L8lC8b7dOO2ZvaSqFwx-_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-L8lC8b7dOO2ZvaSqFwx-_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame DCF9 33 KB
10 KB 4ms
3ms Script
text/html 184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 91ca25df885bd981eeae4ea03d889d85de8a71b58990610cf08e2ebd55b8c37a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
last-modified: Sun, 19 Feb 2023 08:05:42 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=48893
content-length: 10006
expires: Mon, 20 Feb 2023 08:05:15 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D660 42 B
174 B 6ms
5ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv20nCDky9KLZzLVate4MlxGLiqL1OOQiIRNSwWab4_VaTfJMZ5PdjG3EqIqcebhuXlIyag_6p69gkJQRif-XqooDHJnZAtkS1Lz4pFb1ShvK0HcfYV&sig=Cg0ArKJSzMMLSD2Q-LgQEAE&id=lidar2&mcvt=1119&p=1078,1200,1303,1600&mtos=0,0,1119,1119,1119&tos=0,0,1119,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=0.54&vu=1&app=0&itpl=19&adk=134200852&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676831421016&rpt=350&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7833 2 KB
1 KB 4ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y_JqvQAJhq0JnUGXAAJ98SBQFgJrsNxLmIvNjg&u=%7CVsO%2Ft9BgOqjUwQKhzQtqTR49YbkJ7rt84p0OVHezfsg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORav6XsKrfZypYKuspo5MklQJGJaQ5D3HuutBNk8kyd6S3Mda_41sNkH0TkLrN0YzQ86-SZNzXUXEMg3aREKNw_z_XgGm8q5vSpAJ2NqYIydHv8KGkiX_gy3l8FyoR5fKTib0VVn4JIhf3MwTkHK_GIQjoXlnRo8nMwjGJM2lIQHUSoHQJBLMx4v2936XWo5cm_1TDswhZLVNzXvL6I0Ur5d5T2wvx9-U7n9OM4qG701J4EOn7AvApRZ3oY4l6MNZTl4z8-n851CaedUH3n1Cgt9SF-QC2YlR2hD_6IBo7hiTbWnjwhjBBm-NBwSaxpFqmLe8ubZrcRjo6zorH8ncV58Q2agTHZhmifN5clVye9pQ9ioFEDjo2Aq8O67MmfF-MSWv4Btt8_R5fb-ZTd4oEHvz-kBiom9oFlEqDK8WrYCY2tPabEgAVpkhbh1bKMvd0oJNs1uMCUwhMCFPUxwpZfxGtgWr2qg56nWgC0sxRSm5U38VxPrqnuw1inak1LTlo42J6xkEppMYMP1Q2vItC_Wc-ah3HEO8wz1vpsjbApktePgUJu6ExxSf3CbzFH5Kf9s1qM1I1G-wN-tDZkmXLP9nRT0Ahnqspo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnlefvWryY62NJpeD9fwP8fuJ2Aa91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNjE2NzIzODcxMjcyOTAzMsgBCeACAKgDAaoEjgJP0EesDVjZo95eoSs03ZumXOxMZNPRLl-nCVXz7_B23C-IuO136qY58OXTv85xYJ0I6T30TnlCOHDHMXWkYpjfINwb3Ciw_tqBQfwwcxYueO_tsy7IQxhQJaINDinEBc50som5M0TRmW1YudBCZrKP5AsL82M_USP983ubm6TwXf0TU0JqbgBiA2-VRDt0x-S-j6PRnu36oD8nZwZ-Nu5hA6hhYSbBqtl4ed4tIv9o-4hiryGXjr88XjUsbWdr6cO3FInOgpoUsQKtvHLOon24ZRccxAFsqHE0z3AaT2gu7txEwR5YkLS_Nh9FrpxsZreP85oXVc3ODrXfucpw8tnx1gbEXyYujJIr9HsVaKPgBAGABqrO7rWinp-JNKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ppPFNVKp8nDu71YfJBRSH_VwnbA%26client%3Dca-pub-6167238712729032%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 18:30:22 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7833 2 KB
1 KB 4ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 18:30:22 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7833 308 B
636 B 4ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 14 Feb 2024 18:30:22 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7833 293 B
621 B 5ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 14 Feb 2024 18:30:22 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 7833 43 B
348 B 183ms
6ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=x9s7Txrg-Ns6x_Xv_E9Y2K7YF5o6v-7w7YIy6Jniw3gP7SO0tk-bmF4_SiWkgHwzltK2aH7j9op0IVoROkaZZ0t0Y9jsKMxn9kNobTYjrphsR-UOo7B7NvSgv4c_dLHbrffr_EieNEUWtZP1x2XMgZdsoj-H9VjI4g-6tn1QZADT0jsWiy4L_tbyAzyHJLOoEQsVr5036kWhraJRJrWK5HuQblkLjeKZB5h1n2iEyJFmP1QabhfjVPM2kBEGTTJ51HHpXZu4MEWvuR-lOcj-rk7d76UQTh0jQNUvln_QzCPFVw2zzJZGISuZojv-iv1o0lvD9LgVPIihisUcep7QI8cp67kNHqU1NYw90b2cZhuMUdFfrLSqsKncRHHy7K3XnTFBUk5fGRn-VvdCq3RdUKj76d7vnb5RDSm6b7uRVQ0kssDhw-AW03PKAvLNYxjuXBn1Tg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3948189
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 2359a4efdafb4940838e0904a34866bd_image_ad_300x600.png
static.criteo.net/design/dt/100886/230213/ Frame 7833 159 KB
160 KB 6ms
6ms Image
image/png 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/100886/230213/2359a4efdafb4940838e0904a34866bd_image_ad_300x600.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

5ed2d184a899fbf53e2614d503c6d422ad502aea145565dea1a74dca4be0043a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 12:19:16 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63ea2ac4-27d3a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 163130
expires: Wed, 14 Feb 2024 18:30:22 GMT

GET
H3 200 pubads_impl_2023021401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 019F 383 KB
129 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 13:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132139
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 13:18:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 019F 6 KB
948 B 11ms
10ms XHR
application/json 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5344afc6c83831275918591131fb80d4f1f89ace1ac721018e5aa4e67d5c106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame B6EF 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0D88 0
0

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 578ms
193ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1676831423.dop225.la3.t,1676831423.cds244.la3.hn,1676831423.cds045.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 219 KB
54 KB 85ms
5ms Script
application/javascript 13.227.255.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-255-65.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9eb660415852a3102b64a2149b9da8904c86443292ef1022f728d3ad214481d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:14:06 GMT
content-encoding: gzip
via: 1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront), 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 21:28:33 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2, SIN52-C3
age: 976
x-amz-server-side-encryption: AES256
etag: W/"fa55e2d81bc43a3aa0fd6ec57e99099b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: XXGkPoClwgTjJWSV3EiH2uo7Aw1UGBGFAWE91l4L1zY7GUwtAkBiTQ==

GET
DATA 200
OK truncated
/ Frame 019F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 891bdf4a85f1f306b3ba38cb698ee5b8945f2d1f35ed7d716173cfd1b35b0edb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 18ms
10ms XHR
text/html 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7C889lqrDUu-Lj1V9ipaaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-7C889lqrDUu-Lj1V9ipaaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9B
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGAhf3QjaxIhvNRYGsYWQ9k&google_cver=1&google_push=Aa02lx8D0qq3WLlED14FUS1cX5aim9l7xO1KH6iXAifkUPsBlFSesN5iUU...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx8D0qq3WLlED14FUS1cX5aim9l7xO1KH6iXAifkUPsBlFSesN5iUUESh-S-Bx2lMd8g_DdPn5I8e5CKiqsAaRkdTPDzakdjA8bOFyosVdah8h-6-...

170 B
188 B

7ms
7ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx8D0qq3WLlED14FUS1cX5aim9l7xO1KH6iXAifkUPsBlFSesN5iUUESh-S-Bx2lMd8g_DdPn5I8e5CKiqsAaRkdTPDzakdjA8bOFyosVdah8h-6-X8mCWMz6MTFHKRZZgHQV8WIDA&google_hm=Ayiq0ZPD8RMuaR_GjT-kwQ

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx8D0qq3WLlED14FUS1cX5aim9l7xO1KH6iXAifkUPsBlFSesN5iUUESh-S-Bx2lMd8g_DdPn5I8e5CKiqsAaRkdTPDzakdjA8bOFyosVdah8h-6-X8mCWMz6MTFHKRZZgHQV8WIDA&google_hm=Ayiq0ZPD8RMuaR_GjT-kwQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 4F9B 0
161 B 406ms
107ms Image
application/xml 133.186.161.89
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEHcCQoEHhPfFMS91I1y4bgg&google_cver=1&google_push=Aa02lx88KS6E19S4Mub9p19VPr3r4W4BcGwfGBW8zyoVZ5xvlW5Xex17gjuobj8LiFGmrE8ffH8eLPqo07S0RzsIms_72R3NT45eTYIeFQcqhJe2e2lhXITtQxmjorZZ5y1sV3zd8Zy7EQ
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.89 , Japan, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:23 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9B
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEPf1VJVby5wu5NwPML3LEUw&google_cver=1&google_push=Aa02lx9h5K2dmK4FKR6F6FWTqf07fNBMWjzk8XjHdOApVEQX3iQcKxHi_xMLHHUSddhQbaECd4NnFL5hoC2BbJ5UK7vftaIs_c_XC...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9h5K2dmK4FKR6F6FWTqf07fNBMWjzk8XjHdOApVEQX3iQcKxHi_xMLHHUSddhQbaECd4NnFL5hoC2BbJ5UK7vftaIs_c_XCZVAz-BTD7sXT7HK1HOEj6B9GLwUjM...

170 B
188 B

13ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9h5K2dmK4FKR6F6FWTqf07fNBMWjzk8XjHdOApVEQX3iQcKxHi_xMLHHUSddhQbaECd4NnFL5hoC2BbJ5UK7vftaIs_c_XCZVAz-BTD7sXT7HK1HOEj6B9GLwUjMVXYbYsmdWEcQ&google_hm=886fc0491b835b5d9f41c1867434a979

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9h5K2dmK4FKR6F6FWTqf07fNBMWjzk8XjHdOApVEQX3iQcKxHi_xMLHHUSddhQbaECd4NnFL5hoC2BbJ5UK7vftaIs_c_XCZVAz-BTD7sXT7HK1HOEj6B9GLwUjMVXYbYsmdWEcQ&google_hm=886fc0491b835b5d9f41c1867434a979
date: Sun, 19 Feb 2023 18:30:22 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 4F9B
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEHnMfCno6X5dHnqQE1vg7I0?ext-param=Aa02lx95LT1A9TSuW9GnaUaPDiN-V9loN-AO4jUayD7X6-wO1EMHxDBIUluznRfLyVm_I78_e6I_l4w1LJNeqiCknuls4GIRJP2XfyPDplSoB6WIi2ibTnPBbQzV...
https://an.yandex.ru/mapuid/google/CAESEHnMfCno6X5dHnqQE1vg7I0?redir-setuniq=1&ext-param=Aa02lx95LT1A9TSuW9GnaUaPDiN-V9loN-AO4jUayD7X6-wO1EMHxDBIUluznRfLyVm_I78_e6I_l4w1LJNeqiCknuls4GIRJP2XfyPDplSo...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEHnMfCno6X5dHnqQE1vg7I0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

213ms
213ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 04 Feb 2024 18:30:23 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9B
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEPF4rA3Zn7ihx0RELTP36Ms&google_cver=1&google_push=Aa02lx_s4iMJax077gVc8hXinYz1u8vMftDrs0CcLMbZwrtJa7Hvgld_Nx7FOd2FwAOSMSX3-LefrAkciIoZQ9qQ1lj3YsxAH...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_s4iMJax077gVc8hXinYz1u8vMftDrs0CcLMbZwrtJa7Hvgld_Nx7FOd2FwAOSMSX3-LefrAkciIoZQ9qQ1lj3YsxAHihatfxcPRin_dPIZEF0P0FwtYWfY...

170 B
188 B

9ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_s4iMJax077gVc8hXinYz1u8vMftDrs0CcLMbZwrtJa7Hvgld_Nx7FOd2FwAOSMSX3-LefrAkciIoZQ9qQ1lj3YsxAHihatfxcPRin_dPIZEF0P0FwtYWfY0vQyuqHovmj__Q03Q&google_hm=23cad0a1f571502cb566d5409449a8c0

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_s4iMJax077gVc8hXinYz1u8vMftDrs0CcLMbZwrtJa7Hvgld_Nx7FOd2FwAOSMSX3-LefrAkciIoZQ9qQ1lj3YsxAHihatfxcPRin_dPIZEF0P0FwtYWfY0vQyuqHovmj__Q03Q&google_hm=23cad0a1f571502cb566d5409449a8c0
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
content-type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9B
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI2IDGxlJcye5OtdA4XG0Tg&google_cver=1&google_push=Aa02lx-TMyKY6elnm...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MzM0NjQ4NTYyMTI3NTUwNg%3D%3D&google_gid=CAESEI2IDGxlJcye5OtdA4XG0Tg&google_cver=1&google_push=Aa02lx-TMyKY6elnmItb0ZdLEXkOrcpJnl...

170 B
188 B

7ms
6ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MzM0NjQ4NTYyMTI3NTUwNg%3D%3D&google_gid=CAESEI2IDGxlJcye5OtdA4XG0Tg&google_cver=1&google_push=Aa02lx-TMyKY6elnmItb0ZdLEXkOrcpJnlrlbb82ujigmST1jWbgpFSoJA8ApO2m-4B_Yb7cVv_oEsFUcN4Jj9UD9lnyVLzOEbTIz7SR4vc-HJTFIv5QS2h5SW9SJvoc5Z4z12gA-mmxJ7E

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 19 Feb 2023 18:30:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 378dd29b-21cb-45df-ad81-8a0f170fb0b5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTA0MzM0NjQ4NTYyMTI3NTUwNg%3D%3D&google_gid=CAESEI2IDGxlJcye5OtdA4XG0Tg&google_cver=1&google_push=Aa02lx-TMyKY6elnmItb0ZdLEXkOrcpJnlrlbb82ujigmST1jWbgpFSoJA8ApO2m-4B_Yb7cVv_oEsFUcN4Jj9UD9lnyVLzOEbTIz7SR4vc-HJTFIv5QS2h5SW9SJvoc5Z4z12gA-mmxJ7E
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9B
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJbbjRlz6...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=91f5f182-b782-4407-985c-6593dbbf178e&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

6ms
6ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=91f5f182-b782-4407-985c-6593dbbf178e&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=91f5f182-b782-4407-985c-6593dbbf178e&%%GOOGLE_PUSH_PAIR%%
Date: Sun, 19 Feb 2023 18:30:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4F9B 0
12 B 8ms
4ms Image
text/html 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrDPPZ_JDvI3-VJHTAKFZvOnretnYWYeJ-n1J4kB7pqtRCaCyU0IXNqnm4xHZvgeUYV3rBeD8LVQ

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 11ms
4ms Preflight
application/json 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 240691
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=GfsDynxucE9zT1lzTk5lNFNOQ1dxUG1vY1Nsb0xpeXRXL2oxbHFSWEkrMHFSVytDZUIvcDlCcWhadm4wVWFEUFN3cVl6ck1Pa3B0YnlVS1FWK0s5NzRYL1hBWFNlRlJkSU5iYk5keFVqckJtVHNLZmlMUHBDdHhNSUU4YU...

437 B
703 B

6ms
5ms

XHR
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GfsDynxucE9zT1lzTk5lNFNOQ1dxUG1vY1Nsb0xpeXRXL2oxbHFSWEkrMHFSVytDZUIvcDlCcWhadm4wVWFEUFN3cVl6ck1Pa3B0YnlVS1FWK0s5NzRYL1hBWFNlRlJkSU5iYk5keFVqckJtVHNLZmlMUHBDdHhNSUU4YUJxQkNsMUwrMzB1VzNiWHEwWUp6c0xZUzlaUC9BYTFtYzVia2t0UFJVckVUcUJ3U2VTaVRpMFdVeDRubC85R2F4aTlnTzZjdjFZU2xmWUJHenM0Uyt6MVZjRHU2OUc4bENGSGg4ajdOTzdleGNZWGJCZ1JIQ2d3aU9xSFlXa3ZML3Q3ay82blhVditmZnZuVlNCRzdGY2dUelA0RXErQXNkR3hITngzd3VBb1JWcWo1U2xuRT18&cppv=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0470667a7ed60691fbf924df3f6ba944332937b2d23f27ac6fa7b77c2ec865ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1621098
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=GfsDynxucE9zT1lzTk5lNFNOQ1dxUG1vY1Nsb0xpeXRXL2oxbHFSWEkrMHFSVytDZUIvcDlCcWhadm4wVWFEUFN3cVl6ck1Pa3B0YnlVS1FWK0s5NzRYL1hBWFNlRlJkSU5iYk5keFVqckJtVHNLZmlMUHBDdHhNSUU4YUJxQkNsMUwrMzB1VzNiWHEwWUp6c0xZUzlaUC9BYTFtYzVia2t0UFJVckVUcUJ3U2VTaVRpMFdVeDRubC85R2F4aTlnTzZjdjFZU2xmWUJHenM0Uyt6MVZjRHU2OUc4bENGSGg4ajdOTzdleGNZWGJCZ1JIQ2d3aU9xSFlXa3ZML3Q3ay82blhVditmZnZuVlNCRzdGY2dUelA0RXErQXNkR3hITngzd3VBb1JWcWo1U2xuRT18&cppv=2
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 303750
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
543 B 1201ms
400ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 154 B
905 B 73ms
17ms XHR
application/json 18.136.246.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.246.100 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-246-100.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8d4dd98d652d8b4973e1b457bb4cd55af1737ff072c8e3afd0c54ca5876c0c24

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.42.30.37
access-control-allow-credentials: true
content-length: 154
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
741 B 5ms
4ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: ed215810c487806be82e1caa33d42329d5825e5ce3df405d20717323c926a228

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Tue, 21 Mar 2023 18:30:22 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 22ms
3ms XHR
text/plain 103.231.98.201
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.201 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 20ms
3ms XHR
text/plain 103.231.98.201
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.201 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 all
csm.as.criteo.net/ Frame 7833 0
128 B 12ms
3ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=QyibnMCBfL_rThrgt_xdPTt9d7r0pcYVLR98YhOn8Q-FFDp1HOShh4Ta4_mvOdlczfHCdAWembhxfnnhLpIhEIKiDg86Ks7d7-R83DD6jWhYEx2JN31B92uTT2FCAWTaQNNh-G8PgK3NEvIj7A6TVidtDCkBrqD_GOX-1nN2WtsvTamldZRPTkOwtmTnWcRq1-MVVLdll39NTBlrjxzzayAqxB1pbkjPUOTnfKEn2jFkrsGcgJ-T1MbY7wy_4lZ8Yb2f4kzv3xlKe2T-&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 18:30:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7833 2 KB
1 KB 3ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 18:30:22 GMT

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 462E 43 B
540 B 530ms
172ms Image
image/gif 54.193.114.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.114.85 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-114-85.us-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 462E
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y-JqvsCo8YoAAHHtC.4AAAAA

0
229 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y-JqvsCo8YoAAHHtC.4AAAAA
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6879

Redirect headers

X-SO-Cluster-ID: 0
Date: Sun, 19 Feb 2023 18:30:22 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.210","key":"Y-JqvsCo8YoAAHHtC.4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad409"}
X-SO-Key: Y-JqvsCo8YoAAHHtC.4AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad409
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y-JqvsCo8YoAAHHtC.4AAAAA
Cache-Control: private
X-SO-HostName: m-ad409.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: m-tgng38.dc4p.scaleout.jp
X-SO-IP: 103.254.153.210

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 462E 0
0 266ms
3ms Image
text/html 23.106.127.52
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2

204

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 462E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S

0
112 B

6ms
5ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1676831423.863626,VS0,VE2
x-cache: MISS
accept-ranges: bytes
x-served-by: cache-qpg1249-QPG

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LEBQ4TFN-V-CH0S
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 462E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHaL_996M34sI2mLcQ2v-Go&google_cver=1

0
54 B

5ms
5ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHaL_996M34sI2mLcQ2v-Go&google_cver=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1676831423.864687,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-qpg1249-QPG

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEHaL_996M34sI2mLcQ2v-Go&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 462E 42 B
95 B 15ms
7ms Image
image/gif 103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c:$UID
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 462E
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c

170 B
188 B

8ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c
date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8174

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 462E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad

0
210 B

5ms
4ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 varnish
x-cache-hits: 0
server: nginx
x-timer: S1676831423.863771,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-qpg1249-QPG

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=f91d4e2a-9548-4c26-a952-3061050615ad
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 462E
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

43 B
696 B

186ms
186ms

Image
image/gif

209.191.163.210
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Server: 209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4sfo1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4sfo1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 462E 49 B
878 B 1413ms
246ms Image
image/gif 74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.50.v20221201) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(9.4.50.v20221201)
content-language: zh-SG
content-type: image/gif;charset=GB2312
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 462E 43 B
697 B 340ms
3ms Image
image/gif 23.106.127.52
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 462E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7a472b81-c9b0-40e9-9518-260f5df784dc

0
229 B

4ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7a472b81-c9b0-40e9-9518-260f5df784dc
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7492

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7a472b81-c9b0-40e9-9518-260f5df784dc
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1236564
content-length: 0
expires: Sun, 19 Feb 2023 00:00:00 GMT

GET
H2

200

/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 462E
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=f91d4e2a-9548-4c26-a952-3061050615ad&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/5/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/464/2/5/3.gif?puid=5043346485621275506&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-21701bkn3iEHsZto4RA2zK8EovKNqiQdjFG3_HrYKQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F4%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/464/3/4/4.gif?puid=bfff63f2-6abd-4100-a7ca-a4b3189e2292&gdpr=0&gdpr_consent=
https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=5d03055a0ddd20cd&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/822.gif?puid=AAAJng4f8S-73AN8kXkCAAAAAAA&expiration=1676917828&is_secure=true&gdpr_consent=&gdpr=0
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F2%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F123%2F2%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/464/123/2/6.gif?puid=1866af11093-ca6000001084fc7&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/464/112/1/7.gif?puid=982A830EA7560F42&gdpr=0&gdpr_consent=
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
https://id5-sync.com/k/285.gif?puid=LEBQ4TFN-V-CH0S&gdpr=0
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-21701bkn3iEHsZto4RA2zK8EovKNqiQdjFG3_HrYKQ

0
229 B

4ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-21701bkn3iEHsZto4RA2zK8EovKNqiQdjFG3_HrYKQ
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9192

Redirect headers

location: https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-21701bkn3iEHsZto4RA2zK8EovKNqiQdjFG3_HrYKQ
date: Sun, 19 Feb 2023 18:30:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 462E
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=e8a68940-5f68-4b4e-bc1f-44b597c5a0ba
https://x.bidswitch.net/sync?dsp_id=96&user_id=pQJn-vP8b4a-Wg&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e

0
229 B

4ms
3ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 3991

Redirect headers

Location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=91f5f182-b782-4407-985c-6593dbbf178e
Date: Sun, 19 Feb 2023 18:30:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 462E
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4486edcc-f9c8-41c6-a12b-0b9ea78122ca
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4486edcc-f9c8-41c6-a12b-0b9ea78122ca&tbid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&query=taboola_hm%3D4486edcc-f9c8-...

0
76 B

15ms
13ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4486edcc-f9c8-41c6-a12b-0b9ea78122ca&tbid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&query=taboola_hm%3D4486edcc-f9c8-41c6-a12b-0b9ea78122ca&isDirect=0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 19 Feb 2023 18:30:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1676831427.248429,VS0,VE2
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-qpg1249-QPG

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4486edcc-f9c8-41c6-a12b-0b9ea78122ca&tbid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&query=taboola_hm%3D4486edcc-f9c8-41c6-a12b-0b9ea78122ca&isDirect=0
date: Sun, 19 Feb 2023 18:30:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5229

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 462E 43 B
106 B 13ms
7ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 462E
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&dongle=tbla
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

6ms
5ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 19 Feb 2023 18:30:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 19 Feb 2023 18:30:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 462E 49 B
386 B 897ms
226ms Image
image/gif 52.43.45.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.45.49 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-45-49.us-west-2.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 14
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

204

rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 462E
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=140
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=GRlqTZV3QLxvc_FbQVJP0mf-mdI

0
220 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=GRlqTZV3QLxvc_FbQVJP0mf-mdI
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5921

Redirect headers

Location: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=GRlqTZV3QLxvc_FbQVJP0mf-mdI
Date: Sun, 19 Feb 2023 18:30:23 GMT
Connection: keep-alive
Content-Length: 119
Content-Type: text/html; charset=utf-8

GET
H2

204

/
csync.loopme.me/ Frame 462E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=453&user_id=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&gdpr=0&gdpr_consent=&us_privacy=
https://csync.loopme.me/?partner_id=1196&uid=91f5f182-b782-4407-985c-6593dbbf178e&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

0
156 B

563ms
188ms

Image
text/plain

35.214.223.115
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?partner_id=1196&uid=91f5f182-b782-4407-985c-6593dbbf178e&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 115.223.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
server: _

Redirect headers

Location: //csync.loopme.me/?partner_id=1196&uid=91f5f182-b782-4407-985c-6593dbbf178e&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Sun, 19 Feb 2023 18:30:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame 462E 35 B
468 B 1250ms
194ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:24 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 462E
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3e8f14b1-5359-0a1b-1f73-bdd4402cb637

0
229 B

4ms
4ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3e8f14b1-5359-0a1b-1f73-bdd4402cb637
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6364

Redirect headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=3e8f14b1-5359-0a1b-1f73-bdd4402cb637
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 7ms
3ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:22 GMT
x-amz-request-id: QV0Q5RR87E2YR4EN
age: 3024
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: vJTQkM+jrrvxBm/aoGScw674BbRmeFX8zLsDfSQNmDNeqaI62+HgvuPwUtMMvH4R43XoOwwc4aY=
x-served-by: cache-qpg1249-QPG
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1676831423.797171,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 90
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 8201

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 7ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dafe8b74bfd8567ceb1372730a1fbf9b6c585bfb52a64032f6a37a1df7a522c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: s267fsNTlQZoIUop6vOPkT.WzN.oCb4n
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:22 GMT
x-amz-request-id: DYNKPK3YYTVADNHA
age: 22008
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6472
x-amz-id-2: f97sL6jH3qUcWP3vLUECivPm3n14xX8FPYKl7lAxF5FGItEh7EwRrsDR2bEiglHk4sDehb2VclN4SC1RPMv1+w==
x-served-by: cache-qpg1249-QPG
last-modified: Mon, 26 Dec 2022 14:02:08 GMT
server: AmazonS3
x-timer: S1676831423.797149,VS0,VE0
etag: "df82da09581e0f287e5655fe47ceb559"
vary: Accept-Encoding
content-type: application/javascript
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 162879

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
362 B 8ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:22 GMT
x-amz-request-id: 5MDXMNKFW04MKKJ0
age: 5244
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: i+U6AzpyYk+QaQTs2aVvQr4xo06/ycjkaap0+v0tNzVVCAVXhRlTXjB1BICrpoGIYFj2yGJQj4k=
x-served-by: cache-qpg1249-QPG
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-timer: S1676831423.797288,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 12520

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5782 0
0 11ms
9ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHibCEnXbjAQGeovn8kErqS3p9v--kLofdVb5XkrD5G2DYMLv1nSaWlWXfbs-2H4tSfCkkBpLXz7khOJGzjuEudog41vQamBsPqsoB--QqMEct8j2j9ysERe0JDBr8XsY2C9HOxOPxFmk0gaHKC_XW-IpOw9eRq8qeBupzDh5ERSpys0Qez5cDwBhNm-ZtORsbAoXKWv5B0iFWDZacB8ISjv3vbAiyXZmJqUzzsScmmzeOgThRY_V5scQxPkBxTl-QDuZ5JoKDgKrIYcc6oLV-6X9o7NmwFkd0wXRAmPWxSV1V6cdySi4Y_GoF4H2ZJja3y-XJ_H13aQmFbyBC4fnskAts-4NzngpyqsCyzkICQWv8lMS8VZQ&sai=AMfl-YTwRUIAMumDGhM4ROm14fqz1jEi8LyRyYQsWek8c2jhoM2wAy4e4SmXWJWQXWc1_elh30brHc8HjhF6P-2tAIt1jWDf1B5MTIHmuwn13Yk8ZLyXrKgdA9AdqiDcH-c&sig=Cg0ArKJSzKgODxirOn4NEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H/1.1 200
OK analytics.js Show response
s.acexedge.com/2/tm75/ Frame DF77 6 KB
3 KB 24ms
4ms Script
text/javascript 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acexedge.com/2/tm75/analytics.js?pp=94706&si=437230&di=www.sanook.com&ac=718694&pc=2537431&ai=4118259245&dm=15&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&ui=&cb=-746748808518054223&sr=540353017&c2=1&r6=cc7549a53275a71efee9e4d8effbb10c&dt=2926111444050714666007&md=DISPLAY&account_id=461003&ap=

Requested by

Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

20768f3534a18f932b42dd132cc3964b3fb5ca731579d59c9e87743f25f3fb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2924
Expires: 0

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/177020;7173220;201;js;AdobeAdCloud;UOBPTCTCEITAllcards01Feb2023300x250jpg/ Frame 7256 2 KB
1 KB 91ms
78ms Script
text/javascript 104.69.96.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/177020;7173220;201;js;AdobeAdCloud;UOBPTCTCEITAllcards01Feb2023300x250jpg/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20230219133021%3Ad%26s_kwcid%3DAC!UxLyjyYnV5nvCPPmqrnW!ffrGpMNo1Yg58HHCJ0wl&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&cachebuster=179385.6088078454

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.69.96.220 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-69-96-220.deploy.static.akamaitechnologies.com

Software

prod-xre-app4.tky11 /

Resource Hash

fcc569e0550fa55e6f326144001a426b4e4a24097559f04d580d4dd8d9cb8a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app4.tky11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 774
Expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF77
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=fxdmJHx6UCmHnfYFqSiO&cs=1
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA

170 B
188 B

10ms
9ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-bkk2310023-BKK
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1676831423.828184,VS0,VE247
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF77
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=YjD1CCXtw6VH7UAXjHCH&cs=1
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA

170 B
188 B

8ms
7ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-bkk2310023-BKK
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1676831423.828263,VS0,VE262
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1KcXZRQUdvUXpEZFFCaA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

PYUnd1ve
rtd-tm.everesttech.net/upi/extseg/pid/ Frame DF77
Redirect Chain

https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-746748808518054223;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D

0
112 B

290ms
289ms

Image
text/plain

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: cache-bkk2310023-BKK
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1676831423.892734,VS0,VE259
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

location: https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-T1mksRPv1rGRh.gif
pixel.quantserve.com/pixel/ Frame DF77 35 B
210 B 9ms
5ms Image
image/gif 2620:116:800e:21:36b5:1576:d999:6e52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-T1mksRPv1rGRh.gif

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame DF77
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y

49 B
264 B

7ms
7ms

Image
image/gif

52.220.69.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 52.220.69.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-69-171.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.18.12
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.12.137
content-length: 0
expires: 0

GET
H2 200 renderstart
statsf-tm.everesttech.net/stats/1/ Frame DF77 85 B
227 B 295ms
291ms Image
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/renderstart?vinst=t&cpKey=ffrGpMNo1Yg58HHCJ0wl&adKey=UxLyjyYnV5nvCPPmqrnW&price=&did=&conn=unknown&rt=HTML5&s=H4sIAAAAAAAAAAHwAA__fZj7jugmJ2Uo-qWnXEb2boN3huSnfnXdhIz7mWMDBslNt-uriKpSdMAwe_5YUiTTNrhZMenEUbwyro3MCV1nvV4eSIzysznsAScd_UpVHhMS8X4PNlmQw9m1YuSD8hDcdWVjYCb2MGy9qpt3Y-RuMVG3joEmf0543zoobYM7MmQTKjbw9G6pnfrkwKZoJcINELaHP4bM2bxMh1HBqjjRHic2uIcIoEzsgfxOOf12deDIixLHvkxZQ2D2Y9ykns-dbqC51NqEaXsOpG46Q8LzhLsL-N1D4-5BxfVxgBsOqr5GvaZ-Jm552B2bBt7nF9E1DqO1FPAAAAA&date=1676831421510&auth=53b94bdb86f5102057e2534e57c9199d&mpKey=Kxj2ilefT2dP544VKFNQ&sessId=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&seller_id=540353017&psId=naoDlBlH0O8G6nt8hTUu&env=site&didtype=UNK&bi=B09NsxsXe0W_W5qLpiV796RiuWS-L-IeUzJndEcZAS501dop2yn7E0i52PVJzJi0JB0cfX-TJ-JHerzJK_s7di8J9RV5yJmtzd4Qe8m1o7xq8vELc-H__I0f3oI3wRee5AT9xMz1InD0JW8WnSLi5EJurlQ9iQoXdkE9W9qAZbLFuwyB3odmc5TMEHttw24jqULi6ox07UVn5AZWy6VBP9azhU4DO3iac2uRGL46IPznVDA1HJzl-iYtMX8sqHDO8_R&PG=F&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.sanook.com&astv=20220412&apv=B20201012
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 varnish
x-pt: P=352
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: Asia
content-length: 85
x-served-by: cache-bkk2310023-BKK
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:22 UTC

GET
H2 200 rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame DF77 85 B
172 B 796ms
793ms Image
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/rendercomplete?vinst=t&cpKey=ffrGpMNo1Yg58HHCJ0wl&adKey=UxLyjyYnV5nvCPPmqrnW&price=&did=&conn=unknown&rt=HTML5&s=H4sIAAAAAAAAAAHwAA__fZj7jugmJ2Uo-qWnXEb2boN3huSnfnXdhIz7mWMDBslNt-uriKpSdMAwe_5YUiTTNrhZMenEUbwyro3MCV1nvV4eSIzysznsAScd_UpVHhMS8X4PNlmQw9m1YuSD8hDcdWVjYCb2MGy9qpt3Y-RuMVG3joEmf0543zoobYM7MmQTKjbw9G6pnfrkwKZoJcINELaHP4bM2bxMh1HBqjjRHic2uIcIoEzsgfxOOf12deDIixLHvkxZQ2D2Y9ykns-dbqC51NqEaXsOpG46Q8LzhLsL-N1D4-5BxfVxgBsOqr5GvaZ-Jm552B2bBt7nF9E1DqO1FPAAAAA&date=1676831421510&auth=53b94bdb86f5102057e2534e57c9199d&mpKey=Kxj2ilefT2dP544VKFNQ&sessId=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&seller_id=540353017&psId=naoDlBlH0O8G6nt8hTUu&env=site&didtype=UNK&bi=B09NsxsXe0W_W5qLpiV796RiuWS-L-IeUzJndEcZAS501dop2yn7E0i52PVJzJi0JB0cfX-TJ-JHerzJK_s7di8J9RV5yJmtzd4Qe8m1o7xq8vELc-H__I0f3oI3wRee5AT9xMz1InD0JW8WnSLi5EJurlQ9iQoXdkE9W9qAZbLFuwyB3odmc5TMEHttw24jqULi6ox07UVn5AZWy6VBP9azhU4DO3iac2uRGL46IPznVDA1HJzl-iYtMX8sqHDO8_R&PG=F&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.sanook.com&astv=20220412&apv=B20201012
Requested by: Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 varnish
x-pt: P=402
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: Asia
content-length: 85
x-served-by: cache-bkk2310023-BKK
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:23 UTC

GET
H2 200 aac_viewability-ab8b7a.js Show response
playtime.tubemogul.com/ud/prod/pullins/ Frame DF77 14 KB
5 KB 44ms
41ms Script
text/javascript 117.18.232.64
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by: Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.232.64 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (hkc/BD32) /
Resource Hash: 0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 01:39:46 GMT
server: ECAcc (hkc/BD32)
age: 37346
etag: "1983306799"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4789
expires: Mon, 20 Feb 2023 18:30:22 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 3ms
2ms XHR
text/plain 103.231.98.201
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.201 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C174 1 KB
643 B 4ms
3ms Document
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 83804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 19:13:38 GMT
etag: 48472445140208031
expires: Sun, 19 Feb 2023 19:13:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 40E8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8841e8957a5b54d710ee54afcec3e673b02fd670026c611bfd7d98612652611d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 6ms
5ms XHR
text/plain 103.231.98.201
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.201 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
DATA 200
OK truncated
/ Frame 73CA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a543f1b1066a6d481d920a1761e0ad96618e07edbfa74a323a1e2fef5969e70

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 019F 0
0 8ms
7ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulU1qgl7gXb88KFdNlu0G_mYXxVGAkQttKg4Q0M01Jm8mdpz9qTWwn_3AWR0DXDvAdsc4nGiM37R0ihuKSjTGtAo4Qy-3Wlmlk9XwlpDN_vSW_NNr7aJfzaWqr4o__0aPkKttNe4vEygC2VDzaFfZihY0olcK0wl2JvGQMBsb4E61Op01Kg5zhCWp3q6b2PyMJrTDlrA5xK8U3tMiGWpUtUP2Bm1itC8J2B9X0CxZBmsNyDXOBYdHce0kpDhb517Z-9dAFGTtsjqxL98qJuP2Zp-1U07DWOYRqeHrBQsioOnqm47bwT0ZoHW2u4weE84ymH_m0ufA9HIR39Oq_qidGaM5hSP7nsJY2oqjZ-06mmQ&sai=AMfl-YRarFEYcxtFZvqUCRlBJuH8I6SRpiUXHnrQX3XF3Xarzi-1wTmjb2dTgwz2QMcbz3U-t-ND5z-VxLB10zSPLLFenzpXKfI65CsgsjTAFJeCcmo-Nd1PTMZSkl2i22E&sig=Cg0ArKJSzKoGhqP1yI4iEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5730 0
863 B 248ms
246ms Script
text/html 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
AN-X-Request-Uuid: a559ac2d-88e6-4e2d-aff2-5ff11b3257ee
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 10ms
4ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 19 Feb 2023 18:30:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 261934
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame 5782 107 B
122 B 6ms
5ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5782 107 B
122 B 9ms
8ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5782 37 KB
14 KB 45ms
43ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1480862139159060&correlator=2446941537192025&eid=31072498%2C31068367&output=ldjh&gdfp_req=1&vrg=2023021501&ptt=17&impl=fif&us_privacy=1---&iu_parts=21710144538%2CDisplay-Bidserv%2CGAM-DSK-sanook.com-Direct-RSwPB-STDB-728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x90%7C728x90%7C468x60&ifi=1&adks=3971943601&sfv=1-0-40&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxYUIKzQKTBCsolEGH3bU4EjhMXjdfqlUYCu-_P90DOa5XptqIozFZrLfavgRn74lkca0gV5lXUSO5Q8wV00FpKQktp8-iRADRbTWKy8P5FyGYys0KwT6vcRviwX8VNozdFUn_vhzZKQCeDfv9BuSPv2-3etyUFmlkxXvHK5oOC0bDykuQypXTZmQkKcWFrvQkDmSJBKlEYypAYPhSocdYG6yYF4lEfHRQoA5bdkWfH-E1op80Y_33l7lnaKqrWrcZu4wA5IF6FcmVu-p-p-PhQ4YWeJBB7x-enZQCFSPHO2mLoOWvKVZFCNH-L2OwmUKvukBapKTMLLFG7elnDEcui6Fs9LJ0rs-raOZSR4pu8hQu%26sai%3DAMfl-YQrIqe1sEP4LGBEPz3AzzXXuEF6sldZhqq2YuW5q8Evi-dK-nVGOn_7yadfiURXrtnUumNKzO9MFUe5rbL5vk3ZlAZahZxoeADydIAL52X2LYcyfwvKZQ18s-xmYc8%26sig%3DCg0ArKJSzL2Jr4QHKYjfEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&eri=4&sc=1&cookie=ID%3Dc2e0d5f2d7a4b4ce%3AT%3D1676831420%3AS%3DALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA&cdm=www.sanook.com&gpic=UID%3D00000bc64d7b8629%3AT%3D1676831420%3ART%3D1676831420%3AS%3DALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA&abxe=1&dt=1676831422981&dlt=1676831421929&idt=758&adxs=235&adys=1163&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=81kser7o1yp1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=sanook.com&loc=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&top=www.sanook.com&frm=23&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=435404951.1676831420&ga_sid=1676831423&ga_hid=1707012315&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f577348b91aa1aa1d13086e3d5c0fc17bee114a26bfb68f457abda926ba4208a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14522
x-xss-protection: 0
google-lineitem-id: 6200909200
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138419617829
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5782 15 KB
11 KB 13ms
11ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c7b2b071ffb59246cd3b2a050b24cc459b7d01c2c83b180ad093180b1851aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11401
x-xss-protection: 0

GET
H2 200 container.html Show response
b529ab4d658c81408dbb508f94e32303.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E6A1 6 KB
3 KB 13ms
5ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b529ab4d658c81408dbb508f94e32303.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:22 GMT
expires: Mon, 19 Feb 2024 18:30:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0B3F 0
863 B 180ms
180ms Script
text/html 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
AN-X-Request-Uuid: 7818bd38-b2ce-4829-b150-77db4ceaf26e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.210; 103.254.153.210; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK j-7173220-4205908.js Show response
cdn.flashtalking.com/xre/717/7173220/4205908/js/ Frame 7256 44 KB
12 KB 26ms
6ms Script
text/javascript 104.83.196.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/717/7173220/4205908/js/j-7173220-4205908.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/177020;7173220;201;js;AdobeAdCloud;UOBPTCTCEITAllcards01Feb2023300x250jpg/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20230219133021%3Ad%26s_kwcid%3DAC!UxLyjyYnV5nvCPPmqrnW!ffrGpMNo1Yg58HHCJ0wl&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&cachebuster=179385.6088078454
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.48 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4213c280f101684d7de8a367cbc72ab06b1546a1b00b463844cea155fbb922cb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Jan 2023 12:33:40 GMT
Server: Flashtalking (AKA)
ETag: W/"2666d61aef15cff6e939f1c7fff263cf"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 468432436
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=156
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11592
Expires: Sun, 19 Feb 2023 18:32:59 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 14ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?oz_pl=1&ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&_x=1
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=94706&si=437230&di=www.sanook.com&ac=718694&pc=2537431&ai=4118259245&dm=15&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&ui=&cb=-746748808518054223&sr=540353017&c2=1&r6=cc7549a53275a71efee9e4d8effbb10c&dt=2926111444050714666007&md=DISPLAY&account_id=461003&ap=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.acexedge.com/2/2.88.0/ Frame DF77 171 KB
54 KB 8ms
4ms Script
text/javascript 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.acexedge.com/2/2.88.0/main.js

Requested by

Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=94706&si=437230&di=www.sanook.com&ac=718694&pc=2537431&ai=4118259245&dm=15&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&ui=&cb=-746748808518054223&sr=540353017&c2=1&r6=cc7549a53275a71efee9e4d8effbb10c&dt=2926111444050714666007&md=DISPLAY&account_id=461003&ap=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54959
Expires: Wed, 28 Oct 2054 05:01:40 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 469 B
826 B 7ms
4ms XHR
application/json 13.227.255.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-255-65.sin52.r.cloudfront.net
Software: Server /
Resource Hash: c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:39:54 GMT
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-C3
age: 3028
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 469
x-amz-cf-id: S4W83DWGR2nTpri2591iXJrm7wLPET6CRZ9aLdgjZW-tVehqwmzLzg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 12ms
4ms XHR
application/javascript 13.227.255.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-255-65.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 23:29:17 GMT
x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 a691085135305af276cea0859fd6b128.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 68467
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pJTi9YKatMg5-jatjGKAt9zISq8q6APBXpGWtwHZJMzH-p1yPRvspg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C174
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJZDS0LxC0Bt5lM5hzuBgQI&google_cver=1&google_push=Aa02lx-fv9_s1WUOmVBXbriQ6rFudl1yufxPK-9GsVjuG-gKV4P_PfvwlxRvas3LLMuv9fkAlieFOrQobOu3A05h...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=v_9j8mq9QQCnyqSzGJ4ikg&google_push=Aa02lx-fv9_s1WUOmVBXbriQ6rFudl1yufxPK-9GsVjuG-gKV4P_PfvwlxRvas3LLMuv9fkAlieFOrQobOu3A05hlSvQnbf1...

170 B
188 B

9ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=v_9j8mq9QQCnyqSzGJ4ikg&google_push=Aa02lx-fv9_s1WUOmVBXbriQ6rFudl1yufxPK-9GsVjuG-gKV4P_PfvwlxRvas3LLMuv9fkAlieFOrQobOu3A05hlSvQnbf1SPq90lg__1-P7nPRz2bS6Bj-C6bYxSQkdQpUVOvy6iB4LA

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 19 Feb 2023 18:30:23 GMT
Server: MT3 475 4bd2ccd master hkg-pixel-x2 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=v_9j8mq9QQCnyqSzGJ4ikg&google_push=Aa02lx-fv9_s1WUOmVBXbriQ6rFudl1yufxPK-9GsVjuG-gKV4P_PfvwlxRvas3LLMuv9fkAlieFOrQobOu3A05hlSvQnbf1SPq90lg__1-P7nPRz2bS6Bj-C6bYxSQkdQpUVOvy6iB4LA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 19 Feb 2023 18:30:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C174
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPsUX9zz3B-cjbzbPpSROVQ&google_cver=1&google_push=Aa02lx8ByK7csr2DmhShoTPMm6lcXcswomwr-vtlu3vCA7KWVLBTwYr2lMzni6SW07FNpklPqSWNMJJzua-x7Ycoy1C-IuIc_-boR...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8ByK7csr2DmhShoTPMm6lcXcswomwr-vtlu3vCA7KWVLBTwYr2lMzni6SW07FNpklPqSWNMJJzua-x7Ycoy1C-IuIc_-boR67GwgNGJTZPeoNnFflfFBFk-t0T_4vZND...

170 B
188 B

12ms
9ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8ByK7csr2DmhShoTPMm6lcXcswomwr-vtlu3vCA7KWVLBTwYr2lMzni6SW07FNpklPqSWNMJJzua-x7Ycoy1C-IuIc_-boR67GwgNGJTZPeoNnFflfFBFk-t0T_4vZNDc3unGG1w&google_hm=ZuN9rhDegmKLqfDlMkgoOQ==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8ByK7csr2DmhShoTPMm6lcXcswomwr-vtlu3vCA7KWVLBTwYr2lMzni6SW07FNpklPqSWNMJJzua-x7Ycoy1C-IuIc_-boR67GwgNGJTZPeoNnFflfFBFk-t0T_4vZNDc3unGG1w&google_hm=ZuN9rhDegmKLqfDlMkgoOQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 7j9d4c87ssi5cmstfs2qisb3kjsk0odf

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C174
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAtryB2KgbaIaWfhoRrnPEM&google_cver=1&google_push=Aa02lx-sIejY2CSBx93lNHVIUFfTRZAD9yC1-1ZDJ9AqufXsikykbyD2HDmlBMbtAN4YX5Aeu481suuSl-JFr...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-sIejY2CSBx93lNHVIUFfTRZAD9yC1-1ZDJ9AqufXsikykbyD2HDmlBMbtAN4YX5Aeu481suuSl-JFrSkDaaJahQyoognDlV7Wr1nlT5P0Sjq6982Mm7k9InGP3Mj...

170 B
188 B

9ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-sIejY2CSBx93lNHVIUFfTRZAD9yC1-1ZDJ9AqufXsikykbyD2HDmlBMbtAN4YX5Aeu481suuSl-JFrSkDaaJahQyoognDlV7Wr1nlT5P0Sjq6982Mm7k9InGP3MjLcd43DgprKg&google_hm=SDZWT2xMaGFZSkN6YmpVU0dwSEE=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-sIejY2CSBx93lNHVIUFfTRZAD9yC1-1ZDJ9AqufXsikykbyD2HDmlBMbtAN4YX5Aeu481suuSl-JFrSkDaaJahQyoognDlV7Wr1nlT5P0Sjq6982Mm7k9InGP3MjLcd43DgprKg&google_hm=SDZWT2xMaGFZSkN6YmpVU0dwSEE=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 278
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C174
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hdGcCXCVR16VyJ8p-Zr-gg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

10ms
7ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hdGcCXCVR16VyJ8p-Zr-gg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_85JS2yTMA-Jb36xU24KXZzyDWrvXDiClHTiM0sLYv9FNiQuvSxQIxwBY1U3Iq_z-uYBElmk3iaCpB3NjhsZ9gaNyW9kMUprG33ZW5rh_FqNgOtcnPk8oN_h-cjmqo52TkvJUzqiI

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hdGcCXCVR16VyJ8p-Zr-gg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_85JS2yTMA-Jb36xU24KXZzyDWrvXDiClHTiM0sLYv9FNiQuvSxQIxwBY1U3Iq_z-uYBElmk3iaCpB3NjhsZ9gaNyW9kMUprG33ZW5rh_FqNgOtcnPk8oN_h-cjmqo52TkvJUzqiI
date: Sun, 19 Feb 2023 18:29:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C174
Redirect Chain

https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEMC-3bZGxIrO0v3WG5iXkgw&google_cver=1&google_push=Aa02lx_U66lxH0bUu-iFUkyKVWO33jxjDahrNgWnlBVPNTlXqSE6uELS5EKPOQEjgHp5uklq0nmNrnOC4jsVJb_...
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=Aa02lx_U66lxH0bUu-iFUkyKVWO33jxjDahrNgWnlBVPNTlXqSE6uELS5EKPOQEjgHp5uklq0nmNrnOC4jsVJb_pjtzASRGO4A-mxom_HNlsjzqy19ZzhiN...

170 B
188 B

7ms
6ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=Aa02lx_U66lxH0bUu-iFUkyKVWO33jxjDahrNgWnlBVPNTlXqSE6uELS5EKPOQEjgHp5uklq0nmNrnOC4jsVJb_pjtzASRGO4A-mxom_HNlsjzqy19ZzhiNs-x67nxQt3J80ZL6ZBY9SP9LH&google_hm=NDMzMzdiMTAtMjZjMC0zYTRhLTk5MWEtOTlhMzQ2OWRkOTMy

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=Aa02lx_U66lxH0bUu-iFUkyKVWO33jxjDahrNgWnlBVPNTlXqSE6uELS5EKPOQEjgHp5uklq0nmNrnOC4jsVJb_pjtzASRGO4A-mxom_HNlsjzqy19ZzhiNs-x67nxQt3J80ZL6ZBY9SP9LH&google_hm=NDMzMzdiMTAtMjZjMC0zYTRhLTk5MWEtOTlhMzQ2OWRkOTMy
date: Sun, 19 Feb 2023 18:30:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C174
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEBWlCkuhh2hLRf5huXm6xe0&google_cver=1&google_push=Aa02lx9uPoEY3ZdbComdoQnBPeuk_kNrMYPtpZIjBwS8zDYJO676C7MKJG00t2IPkMz4faI-Zzsfi...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx9uPoEY3ZdbComdoQnBPeuk_kNrMYPtpZIjBwS8zDYJO676C7MKJG00t2IPkMz4faI-ZzsfixNNo_nOs-KYEzEwUW2IW63tgxsVx5hJhyxGDnGWUHtxiZVx1Up...

170 B
188 B

9ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx9uPoEY3ZdbComdoQnBPeuk_kNrMYPtpZIjBwS8zDYJO676C7MKJG00t2IPkMz4faI-ZzsfixNNo_nOs-KYEzEwUW2IW63tgxsVx5hJhyxGDnGWUHtxiZVx1UpTU9wZ-l9B_8FQwtJ-&google_hm=SDZWT2xMaGFZSkN6YmpVU0dwSEE=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx9uPoEY3ZdbComdoQnBPeuk_kNrMYPtpZIjBwS8zDYJO676C7MKJG00t2IPkMz4faI-ZzsfixNNo_nOs-KYEzEwUW2IW63tgxsVx5hJhyxGDnGWUHtxiZVx1UpTU9wZ-l9B_8FQwtJ-&google_hm=SDZWT2xMaGFZSkN6YmpVU0dwSEE=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 284
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C174
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEPF4rA3Zn7ihx0RELTP36Ms&google_cver=1&google_push=Aa02lx8F3pINYOABp-eFbsWT96kEE6h13TOlp1xaURkV91UIi3_esFBSmq5952IRKRORzTiX9wGM_gkpkFlfhp4YXj1rmwWF3...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx8F3pINYOABp-eFbsWT96kEE6h13TOlp1xaURkV91UIi3_esFBSmq5952IRKRORzTiX9wGM_gkpkFlfhp4YXj1rmwWF3W_cjn52Kq45ojXpVylqBnyjR5I6s...

170 B
188 B

9ms
8ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx8F3pINYOABp-eFbsWT96kEE6h13TOlp1xaURkV91UIi3_esFBSmq5952IRKRORzTiX9wGM_gkpkFlfhp4YXj1rmwWF3W_cjn52Kq45ojXpVylqBnyjR5I6s0WQHa9lzX-m_EKyAIgN&google_hm=23cad0a1f571502cb566d5409449a8c0

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx8F3pINYOABp-eFbsWT96kEE6h13TOlp1xaURkV91UIi3_esFBSmq5952IRKRORzTiX9wGM_gkpkFlfhp4YXj1rmwWF3W_cjn52Kq45ojXpVylqBnyjR5I6s0WQHa9lzX-m_EKyAIgN&google_hm=23cad0a1f571502cb566d5409449a8c0
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C174 0
12 B 11ms
6ms Image
text/html 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJQoE_aDe-06Knet7tWp0uNb_S5mYz-2ybGLlxb4xVsOrt-VflwJjgy0EkVNMnSXeT7bj0jgVt

Requested by

Host: 980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
pips.taboola.com/ 4 B
121 B 9ms
2ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: cache-qpg1267-QPG
date: Sun, 19 Feb 2023 18:30:23 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.sanook.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame 019F 107 B
122 B 7ms
6ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 019F 107 B
122 B 10ms
8ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 019F 31 KB
13 KB 42ms
41ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=242270831383780&correlator=3101956510897532&eid=31072019%2C31072517&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fif&us_privacy=1---&iu_parts=21710144538%2CDisplay-Bidserv%2CGAM-AD-sanook.com-Direct-RSwPB-STDB-300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x50%7C300x250&ifi=1&adks=2206268032&sfv=1-0-40&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvLdiNOBusinqDKxuOncgZb0oletd6I70AGuxk86QiwXj9HaOw6iGooTMtpIaTn7yIaM3imDrv1zZHtzcjS09jDoYejkfElGXyW0eWekmm24XTTLAogfZozXZcswK_sxJ-OGVeNQXipj7UuhxQFTq8ritA3-rhy1M1em38IxWeD-Ssgs0IMutb0SEWDF3CdU2Pa2RD64batAG4d-Z3NZQVq4HMqhkN-YmP8nyT0oEyj46BnDyYhnWpcDiKuQwvhkgoQtvU8mTP7m7buBjp4WWuMWhHOwI_s1ZFn2MDtCJI6Kd7Usxb2SI_4uJH-93i9Chql2PnD7lFCmyF5MN4DhvQmT-I5fsUI37wBW3Q%26sai%3DAMfl-YSFDPzzKsR842ukX58K0S27gQu99KwwdkH_q78qoSOvhhdQE4NZV1RlWsrwxk9J7jFTZHKVpd3Lj-1_aVC0tnRGhqAf4KGRugGxX3vtOqmo38mSD-ne_uCxlrmW3AA%26sig%3DCg0ArKJSzAvMaeOag311EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&eri=4&sc=1&cookie=ID%3Dc2e0d5f2d7a4b4ce%3AT%3D1676831420%3AS%3DALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA&cdm=www.sanook.com&gpic=UID%3D00000bc64d7b8629%3AT%3D1676831420%3ART%3D1676831420%3AS%3DALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA&abxe=1&dt=1676831423042&dlt=1676831422190&idt=678&adxs=1065&adys=649&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=qi6ng53kq02c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=sanook.com&loc=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&top=www.sanook.com&frm=23&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=435404951.1676831420&ga_sid=1676831423&ga_hid=1747758132&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db37826540f4a43e07558220928f1bcd1ba1529b2f11fc31e4e07438330c61ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12802
x-xss-protection: 0
google-lineitem-id: 6199449033
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138420278344
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 019F 15 KB
11 KB 11ms
10ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e72f630f425f32c68a81e0f45c8b53b09ed86032c5541552c04c13b26ac72452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11290
x-xss-protection: 0

GET
H2 200 container.html Show response
e5c89f2232552ea4822b61e4e2449130.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB37 6 KB
3 KB 16ms
6ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e5c89f2232552ea4822b61e4e2449130.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:23 GMT
expires: Mon, 19 Feb 2024 18:30:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 28ms
11ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: SRQN9S1008B914Y4
age: 2055
etag: W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79c112cc6fa89fb5-SIN
x-amz-id-2: 1X1ayrfCPzwivbHShnpzJ1HZ3/biw9PEkB4aHMbRrnHtdTB8G6qgElc8NQnFTdyLXgHfOg4PLv4=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
452 B 250ms
250ms XHR
text/plain 107.21.165.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.165.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-165-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 18:30:24 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 840ms
245ms Preflight 107.21.165.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.165.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-165-221.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sun, 19 Feb 2023 18:30:23 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE8B 0
0 12ms
11ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7ZfnrAu09peFMX-pSZbFrvF9fWYBQsn7zbn-J2I2lwh5wEzAFjpaK_jM1hR0CDVXlq42VKFQvXt5geKik9YnaayXq_hfRZ6sZVeGcH7pIx4p-c3Uw6rLW_KTo2YOmTkpGotMaceUVw6fFgSBRrf9Bi56eeDjKUyGceDJcyOsOJZXMFrwO1XU4jhcqKtBqWpArEOqT01EhbEg5UWCDKSM_u3g32bj4YZvBuzm9TUB7tzEwwuZOEgYOXCWiu2pRwHRKij4HOLE1gBDYpao3RwE3XPcsIsGBKBywnrnheigHbnLhxRfo6kX5YY1aIiI0WJuOsne4Uw7VygCES-A_VAqTb5qbgfUMXhmYe6-wthzxLSBzIIP4Jjl68HAyN-h&sai=AMfl-YQ8zaykWbjZBMmlZRKI_b0xbE5nHi-qDU1C6mPYlWlSpqJIkCiOKL2xp83cW9DHiRviP4zM1JOOsRpI-KooDYEXQcOd1Paotkh8DfCVs5tMj_OdZb4ZlQvLPIcnFLw&sig=Cg0ArKJSzHySqKAUDeMNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE8B 156 KB
48 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5782 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 596ms
185ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&mbl=ZmFsc2U=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 18:30:23 GMT
cache-control: no-store
server: nginx

GET
H/1.1 200
OK 4205908.gif
cdn.flashtalking.com/xre/717/7173220/4205908/image/ Frame 7256 94 KB
95 KB 5ms
4ms Image
image/gif 104.83.196.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/717/7173220/4205908/image/4205908.gif?862758270
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.48 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 24d2592b0e3121f5f676ac23fe31ad6e87f6d83fb626b3bfdc38a8ed090c5519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:23 GMT
Last-Modified: Tue, 31 Jan 2023 12:33:41 GMT
Server: Flashtalking (AKA)
ETag: W/"a085214278b738980c4927f154f428f9"
X-FT-Origin: us
X-Varnish: 550209198
Content-Type: image/gif
Cache-Control: max-age=105
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96428
Expires: Sun, 19 Feb 2023 18:32:08 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EDFE 76 KB
26 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c87f89709d7e67e66fea5de8c363a18c4a0825d5bf7fcb015cf462016295d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26543
x-xss-protection: 0
server: sffe
etag: "1487 / 677 of 1000 / last-modified: 1676675148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4C9 0
0 10ms
9ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjTiPwg2OQ9uWArEO5c5yWHvxRR36djpi5hurrj37a-VvP1qfEjMYz01p97YpbLnnMWn92iBmPoRybOIOaHuu3wH2iJPVtIDYg3YjxqrchT1fB6uATm5hc2kPsCG6a7qwB2Lu3f6N1587ccU0Ada0DsxWblJvndcT0VT_QnphBUvJYKc--i4Arc9hJjRT-GM9xEvtEB6bWOgJShmAWYbbgrA7tvjx9nhn9h8yVp996lkBnGIgXjccXISmWXd4k8v8blEiUWB0J1cHv3xHi2kgHLoSHmBRSO9ZNKjQSkH4z8-Y-GoLPZlSru6M2eERHnWjNHnIDZazy1ZV78HrLZ1LPIeos_4Sx2gr3rWpAWXE3ZYugbJGfQuBrfRMADb2K&sai=AMfl-YSW9xn050PfB5afX-_oIu4A0Vb427ajA0xz22NFBYeHn4pCSV937VKweTQIICLlNXvGTkPeUSlO941uTVqcM6-wp-dhRteXceghPXaF5kSlRsf7UpF5-jQAgP4csto&sig=Cg0ArKJSzIX3eW5bO1z9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4C9 156 KB
48 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 019F 17 KB
6 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
DATA 200
OK truncated
/ Frame AE8B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba37953a5ee287f10daa482b87c572f10c660aeaea838751f0e7f243a09c32b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 24634.js Show response
ads.rubiconproject.com/ad/ Frame 46B0 30 KB
9 KB 136ms
4ms Script
text/javascript 184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/24634.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=4728
access-control-allow-credentials: true
content-length: 8916
expires: Sun, 19 Feb 2023 19:49:11 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 3ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?oz_pl=1&ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&_x=1
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=94706&si=437230&di=www.sanook.com&ac=718694&pc=2537431&ai=4118259245&dm=15&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&ui=&cb=-746748808518054223&sr=540353017&c2=1&r6=cc7549a53275a71efee9e4d8effbb10c&dt=2926111444050714666007&md=DISPLAY&account_id=461003&ap=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AEED 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 19461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 13:06:02 GMT
expires: Mon, 19 Feb 2024 13:06:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F89 783 B
535 B 13ms
12ms Document
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a127a62eefdb268967d2c4eedcd09e818c488a17a21ebcf7f738acfe0e791a4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xlu5E9yHCQjxh-a1lzDRpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xlu5E9yHCQjxh-a1lzDRpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:23 GMT
expires: Sun, 19 Feb 2023 18:30:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 569 B
710 B 1040ms
174ms XHR
application/json 52.18.67.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.67.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-67-241.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: 0a0b5dff4b141c129dd3e791144653a3d8b4142a038567a1374e828b3a115b55

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 18:30:24 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
content-length: 569
content-type: application/json;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame F4C9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf0aeab458556ffd3de12cc855e0f49c208e191163e827a778143811b5416f9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl_2023021401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EDFE 383 KB
129 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 13:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132139
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 13:18:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame EDFE 6 KB
948 B 11ms
11ms XHR
application/json 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5344afc6c83831275918591131fb80d4f1f89ace1ac721018e5aa4e67d5c106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:23 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 8ms
8ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831423210&oz_l=225&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E6E5 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 19461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 13:06:02 GMT
expires: Mon, 19 Feb 2024 13:06:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 46BC 783 B
535 B 9ms
8ms Document
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd7f5e8d44bed6cdf232412a427df5bd575bee2303af0ea1d428be11c186c6a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0C4Cahjxno4WMJ9eNU3s2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-0C4Cahjxno4WMJ9eNU3s2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:23 GMT
expires: Sun, 19 Feb 2023 18:30:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F89 0
0 5ms
5ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021501&jk=1480862139159060&rc=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 2724194-15.js Show response
smarttag.rubiconproject.com/a/24634/448204/ Frame 46B0 2 KB
1 KB 245ms
237ms Script
text/javascript 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/24634/448204/2724194-15.js?&gdpr=0&us_privacy=1---&rp_schain=1.0,1!streamlyn.com,bsrvptr10010,1,publisher,sanook.com&cb=0.20116063385029626&tk_st=1&rf=sanook.com&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=448204_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/24634.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5605d45c980cba99b86e2bd10a3f9e3d91d8a440fa9d2c9be2c40b9d45671ed2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
BLOB 200
OK d8cb04c5-382a-43b9-8e8d-c415bc431b37
https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/ Frame A604 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/d8cb04c5-382a-43b9-8e8d-c415bc431b37
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 77E7 0
128 B 6ms
4ms Script
text/plain 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE8B 0
0 9ms
8ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNZnflaGHIhUJASn8o4hSbfxJNJ9CWQzXZXeUSJVk6Q82849lEfQZjVXzARRJH9P6h104u9znFCf3lvergFm8imLofUx91y4Jyjcvnqthx69yx76E_VQSAO0SJeAjZck4wAwpZm0EiNy1bghO3I3clpZ8D5INBlesIlIFpkBGpYJdQ6AW6xy_QNSz3AI6bIy-HSxLJs5CXVCTILSG9j0KsLT5U8uK1_5-0uRrUMiTkz1kXML4EtykcId8s9nbNsKzd48OuEghvBUJPsnHMGEMUcmwmW9z31bHvCpBBr7AH1WYavpgp2QEUQW0SPpj6NKgzEYQK3uVwdj4W10HZNbga3n4vc1_FC6oukwPkYor90GAbRD1gHO4v17P0fv2WYjQ&sai=AMfl-YQGKQDqAgmWO4-fDaNZW2YmwAnPD9ln4Wj0cZsc-5Sz8AXbEA2dt26GT2IyXvxQcfXYvD_45Xj3pHOJpEJZUb9IRufHV-5XfGhbFVNSsMD6-S2pKNS42u7z73_23Bo&sig=Cg0ArKJSzIHnYkuJk5g8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame AEED 36 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 11:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:24:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 46BC 0
0 4ms
4ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021401&jk=242270831383780&rc=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
4ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831423374&oz_l=4453&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame E6E5 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 11:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:24:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame EDFE 107 B
122 B 6ms
5ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame EDFE 107 B
122 B 9ms
6ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EDFE 21 KB
9 KB 179ms
178ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3004544973668878&correlator=1387038896384397&eid=31072543%2C44761478%2C31071663%2C31072499&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fif&us_privacy=1---&iu_parts=21727820151%3A4899711%2CStreamlyn_Dispaly-New%2CDSK-HBR-MCM-sanook.com-NA-Direct-RSwPB-STDB-728x90-0.20&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60%7C468x90%7C728x90&ifi=1&adks=3121149193&sfv=1-0-40&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssc36eWN6_ELIPkHM_rHJ4dCU386mfCSCfmrOILCPOm-JebuYztGLFXAF0W44kWcE9aBR25cknMlR2U28xOlFmGiJ11QK3hTk3hcXoDr8fMd_BLqgAdVVQSiXDm4LFBYUuCMwY7UNqygGRaBh1IP0_mntq6CBUPXntBMlVX_xapOnWKnYpx0Caaz61IbtOHrUcRUl3BQRPahY4WM1fdgiR7lKKbH36lmhwzn0NgI6CcjHFpzd2qtjkpIplMXeSitoZWINVxGcmSr2xPec56KEOXzCWiEpqKs_hWOsKCuZbCfu0nZ4tykMUw9nqy1XR6Vpi6qpdBELXXYE0mewzfSgyQ1LMvdoL8_Bb4zBSjT2tt64TEp3Q4pL1g%26sai%3DAMfl-YSzvwpxm2gj15te3uRTCEGQT2JkReD-19lC6dDvxkdwuFvLmlCgbXwMS-Y_rsTHt3iYMWevrO-8_zBcwwERWkb-4FpgGqhUYmE3sP2kP1553E_VkgHpAWkeT5Jol2Q%26sig%3DCg0ArKJSzGAE_qPTDpTaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssxYUIKzQKTBCsolEGH3bU4EjhMXjdfqlUYCu-_P90DOa5XptqIozFZrLfavgRn74lkca0gV5lXUSO5Q8wV00FpKQktp8-iRADRbTWKy8P5FyGYys0KwT6vcRviwX8VNozdFUn_vhzZKQCeDfv9BuSPv2-3etyUFmlkxXvHK5oOC0bDykuQypXTZmQkKcWFrvQkDmSJBKlEYypAYPhSocdYG6yYF4lEfHRQoA5bdkWfH-E1op80Y_33l7lnaKqrWrcZu4wA5IF6FcmVu-p-p-PhQ4YWeJBB7x-enZQCFSPHO2mLoOWvKVZFCNH-L2OwmUKvukBapKTMLLFG7elnDEcui6Fs9LJ0rs-raOZSR4pu8hQu%2526sai%253DAMfl-YQrIqe1sEP4LGBEPz3AzzXXuEF6sldZhqq2YuW5q8Evi-dK-nVGOn_7yadfiURXrtnUumNKzO9MFUe5rbL5vk3ZlAZahZxoeADydIAL52X2LYcyfwvKZQ18s-xmYc8%2526sig%253DCg0ArKJSzL2Jr4QHKYjfEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&eri=4&sc=1&cookie=ID%3Dc2e0d5f2d7a4b4ce%3AT%3D1676831420%3AS%3DALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA&cdm=www.sanook.com&gpic=UID%3D00000bc64d7b8629%3AT%3D1676831420%3ART%3D1676831420%3AS%3DALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA&abxe=1&dt=1676831423410&dlt=1676831423098&idt=247&adxs=235&adys=1163&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=17c51dqnnb8c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=3&url=sanook.com&loc=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&top=www.sanook.com&frm=23&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=435404951.1676831420&ga_sid=1676831423&ga_hid=61684439&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652f7cf10ec34733417a2406ef4fbf7745d2b153cfa990f68a2a2cc61a4ed795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9615
x-xss-protection: 0
google-lineitem-id: 6200039644
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138420109420
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EDFE 15 KB
11 KB 10ms
9ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c94bd531f06b9658113e281599f11f8a9f86b5d57e9ee63c31194eab589fae0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11336
x-xss-protection: 0

GET
H2 200 container.html Show response
2fe8f18f6d8c0438d666e4c74eb2c13f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9B1 6 KB
3 KB 13ms
4ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2fe8f18f6d8c0438d666e4c74eb2c13f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:23 GMT
expires: Mon, 19 Feb 2024 18:30:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EDFE 17 KB
6 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxVJ0zgcgFiL-FlyrsBg31nlLhAlIzbfY7R1NtmXHCAx-hIbbbkPrRbKlicSJueJ66i29YrPSNv6jRUjiGu3acoI0eTgkRTL1TXZ_aj-uduWk-LFE7uwiV_vfdMmflwhYiG5LKGC801b_--2sZ9z5_LYQzIvF... 54 B
109 B 16ms
15ms Script
application/javascript 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVJ0zgcgFiL-FlyrsBg31nlLhAlIzbfY7R1NtmXHCAx-hIbbbkPrRbKlicSJueJ66i29YrPSNv6jRUjiGu3acoI0eTgkRTL1TXZ_aj-uduWk-LFE7uwiV_vfdMmflwhYiG5LKGC801b_--2sZ9z5_LYQzIvFtOIqeGjdITMz2gG59cwyEBF_NdlzVbS/_/sponsored_by./adrotate..openx.-729x91-.il/ads/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.M3A7L5kmMks.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMz9JuwXaSpWqDCd0bVjh9U5TCu6Cw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10fa4ef7714aa7fa40714aece4fbbe24cfcc4eddad02a56e1bcb0e6fe5434cb2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KxFghb72afEheImxvwVFUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KxFghb72afEheImxvwVFUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 16ms
16ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.M3A7L5kmMks.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMz9JuwXaSpWqDCd0bVjh9U5TCu6Cw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1332394cd1921221d78e4e89e272736a07403b36e3358d01f4754ca28737469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49669
x-xss-protection: 0
server: cafe
etag: 5279910581363354055
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 18:30:23 GMT

POST
H3 204 AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 12ms
12ms XHR
text/html 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vop2ahWFAQ1gliTyHGzOeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-Vop2ahWFAQ1gliTyHGzOeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FEF7 42 B
64 B 6ms
6ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh-pG_enBWqQjjHCTyGSHTjV_I57Jtcc3s1odYsBKcO4AhM8HMdOd2fnyn46lt1PDqkdmx4V089BVmAgx9SUmezerB8Yl1qwbuYeSK130Paur2H3LP&sig=Cg0ArKJSzPzsD00zPS6xEAE&id=lidar2&mcvt=1012&p=0,225,90,1375&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2467760231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676831421423&rpt=978&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 1145ms
378ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

9ddfef8ddd8531058cfb4837f59d9c8d0321a730e0c87d9cd28a4c6871d5f125

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49BF 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 19461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 13:06:02 GMT
expires: Mon, 19 Feb 2024 13:06:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FD8F 783 B
534 B 11ms
10ms Document
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8900d04b4f84822ca38d92f44fa002f2785552a4309eb3c5f5e9016cd2589de8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2N7A8oeEiI4TROgvSDYxhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2N7A8oeEiI4TROgvSDYxhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:23 GMT
expires: Sun, 19 Feb 2023 18:30:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 3ms
2ms XHR
text/plain 103.231.98.201
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.201 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 4ms
3ms XHR
text/plain 103.231.98.201
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.201 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H3 204 AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 10ms
10ms XHR
text/html 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6TlxTzmxh0cmdA48ptzOvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6TlxTzmxh0cmdA48ptzOvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 3ms
2ms XHR
text/plain 103.231.98.201
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.201 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:23 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/ Frame FD80 10 KB
4 KB 6ms
4ms Document
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:21:23 GMT
etag: 10353107486223812946
expires: Sun, 05 Mar 2023 18:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 16ms
12ms XHR
text/html 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hTf24UyPMWY8FktN_Mgi4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-hTf24UyPMWY8FktN_Mgi4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 11ms
10ms XHR
text/html 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUhYfpOs54vTT-3PC_lQXR8KuqAEPaTjFCfbg0Hs1up4WD5AtHzSe6NltxtwOz8y9lL7VxvLMraOu3_WE-uDTCCN2jvuOm8AWBlU0RofnYrWjoPJavZS8inbBqVJILQP_WUfuYHzg==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HHk-plZgD377JxUED8PrOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HHk-plZgD377JxUED8PrOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXPpUTFqfWgRrrNsXs77_JgZQrUpjhzZnuRBWy6sLa4-jYm7IjRPQa7B8FSHoKAiCpcKN6VePfqnQdgs0Mf6iNTtBI1fxu5GvJUDs7YFGU0aYvUjnmCuSYBArM4iXT4vY7n0Sx-yg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 32ms
30ms Script
application/javascript 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXPpUTFqfWgRrrNsXs77_JgZQrUpjhzZnuRBWy6sLa4-jYm7IjRPQa7B8FSHoKAiCpcKN6VePfqnQdgs0Mf6iNTtBI1fxu5GvJUDs7YFGU0aYvUjnmCuSYBArM4iXT4vY7n0Sx-yg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc2ODMxNDIzLDY0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vaG9yb3Njb3BlLzczOTI5LyIsbnVsbCxbWzgsIk0zQTdMNWttTWtzIl0sWzksInpoLUNOIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b31ca5de71479e01dac3f5ba462189317f03734a82d5ac5068e2f78caa33a15f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_LlQbUAEVqzMJeB1pe1fyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_LlQbUAEVqzMJeB1pe1fyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FD4 0
0 10ms
10ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOLjs0h8M51mXNSj5hyeqzz8lhwarbZScvs3SulckT1ll4oDODPqS_SrYAFFrTslgJEaTzhCOJ5BhQ63oAJUSeI0ywFQL1WNRqxTaAhZS5TtTPZ-QMzaUCWvu0x0p3irNbT1yMtMRoSU8hUwcSdnkrX3hXLhUvWl_fnd324af6x3IPM25KX9bzwNar2jw0WGPJ1aheSYYQDru1qnb5xRTzMyto7YqNvsIBFxg65CD83FAG49ZcGb9E5sdC64ryxzkZ3dGDPrS0QwLPUv266OrwdcvRpFofE3wb7Kvd1tfK2eY49mTlX1IKRIHwVHZ1_bm9BODBOD5vG8Wi0IbGwjywuwG3o8PlQSNUzC89sUnrVmzWdHwoQ_2G0fT57NHSl49WnBXdnHP4zge-pYhVpD-C&sai=AMfl-YTrBx4i_pWzDY69r1FnZcF3mlQjC3BM616SV43n5Srh2IvGUSvXU7E7JTqNNjTbUvfBHUvzDSMccymwEKbW8B5W11IF5v-DPtxEkIl0QFt9PRgXWxUm0sT2XJXJwOE&sig=Cg0ArKJSzKanJCTzKGcsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6FD4 38 KB
14 KB 5ms
4ms Script
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=144192
accept-ranges: bytes
content-length: 13968
expires: Tue, 21 Feb 2023 10:33:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FD4 156 KB
48 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AEED 0
10 B 5ms
3ms Image
text/plain 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3s6eHQ
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD8F 0
0 5ms
5ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021401&jk=3004544973668878&rc=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 46B0 38 KB
14 KB 5ms
4ms Script
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/24634/448204/2724194-15.js?&gdpr=0&us_privacy=1---&rp_schain=1.0,1!streamlyn.com,bsrvptr10010,1,publisher,sanook.com&cb=0.20116063385029626&tk_st=1&rf=sanook.com&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=448204_15&rp_secure=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=144192
accept-ranges: bytes
content-length: 13968
expires: Tue, 21 Feb 2023 10:33:35 GMT

GET
H/1.1 200 107b0b48-3713-457d-a963-13069fbdc926
beacon-sin1.rubiconproject.com/beacon/d/ Frame 46B0 43 B
378 B 829ms
183ms Image
image/avif 2602:803:c006:158::67
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-sin1.rubiconproject.com/beacon/d/107b0b48-3713-457d-a963-13069fbdc926?oo=0&accountId=24634&siteId=448204&zoneId=2724194&sizeId=15&e=6A1E40E384DA563B606B6C661CC12C69142393953F389842926A097EA74EF7B9BAEFB932BC97C09DAB4449D4FE9BEB44E89953EE89FBF3C11C3850CA2D6AB149EC3B3DE7ECEF6BF395E61C906FCD9D2663AF685AF18256F37B4EB1006F99FB6E00821998F96B065C8F9131A5EB863CA70E51A375A42C18A395BCEA9A1A431B34

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2602:803:c006:158::67 , Singapore, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 18:30:23 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 8ms
8ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831423677&oz_l=737&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E6E5 0
10 B 5ms
3ms Image
text/plain 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3wxQnQ
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame 6FD4 24 B
107 B 6ms
3ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:23 GMT
cache-control: private
expires: Wed, 1 Mar 2023 10:07:00 GMT
content-length: 24
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6FD4 38 KB
14 KB 5ms
4ms Script
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=144192
accept-ranges: bytes
content-length: 13968
expires: Tue, 21 Feb 2023 10:33:35 GMT

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 49BF 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 11:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:24:00 GMT

POST
H3 204 AGSKWxWn331pU1NHi4me0ZbBwirXZWfByq_rwy9xX3loxDTtOsHZd2S_B0ZwwFrj1M-KJhmqrubCrnT9gq_duZb05-yB1_CKPngF15trVPh3Fw3GYGL9S3TbOCrMyRV3pmFwpbtynHKbuA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 10ms
10ms XHR
text/html 2404:6800:4003:c03::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWn331pU1NHi4me0ZbBwirXZWfByq_rwy9xX3loxDTtOsHZd2S_B0ZwwFrj1M-KJhmqrubCrnT9gq_duZb05-yB1_CKPngF15trVPh3Fw3GYGL9S3TbOCrMyRV3pmFwpbtynHKbuA==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zvv-n3Oay7v1xUkp49jzig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-zvv-n3Oay7v1xUkp49jzig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame 46B0 24 B
101 B 4ms
3ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:29:32 GMT
cache-control: private
expires: Wed, 1 Mar 2023 10:27:42 GMT
content-length: 24
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 46B0 38 KB
14 KB 4ms
3ms Script
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:23 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=144192
accept-ranges: bytes
content-length: 13968
expires: Tue, 21 Feb 2023 10:33:35 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831423856&oz_l=952&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 879ms
355ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

9ddfef8ddd8531058cfb4837f59d9c8d0321a730e0c87d9cd28a4c6871d5f125

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9550 38 KB
14 KB 7ms
5ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144192
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sun, 19 Feb 2023 18:30:23 GMT
expires: Tue, 21 Feb 2023 10:33:35 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 16EE 38 KB
14 KB 7ms
6ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144192
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sun, 19 Feb 2023 18:30:23 GMT
expires: Tue, 21 Feb 2023 10:33:35 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame 6FD4 3 KB
2 KB 93ms
56ms Script
text/html 103.231.98.191
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035980&adId=4883487&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=468x60%2C468x90&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.5080850017706195&pmUniAdId=0&adVisibility=3&adPosition=1162x235&gdpr=0&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.191 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 18dcc0e1504fe97b177554e5080ea86df69774d405f5c7994f142f1a74a8f953

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 07CC 38 KB
14 KB 11ms
4ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144191
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Tue, 21 Feb 2023 10:33:35 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E39F 38 KB
14 KB 11ms
4ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144191
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Tue, 21 Feb 2023 10:33:35 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame 46B0 3 KB
2 KB 89ms
58ms Script
text/html 103.231.98.191
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035978&adId=4883621&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=250x250&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.15783607696239232&pmUniAdId=0&adVisibility=1&adPosition=649x1065&gdpr=0&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.191 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 08452ae3ac895cb24703e1afb7884b00fc7b4fb56e64b76e5167354db9ca1c7e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 019F 42 B
64 B 8ms
6ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxk2KRyfvRcSlW2SsX97IyjM2GdoOkzkmtO6_xmUiQMw182lEjRLKS9b-Haa9x95fH36f9xeuYEpf9SHAftM0HUGkCRpvrfDhkeg5OvWQbDZwwuTey&sig=Cg0ArKJSzHT64mbz7v9lEAE&id=lidar2&mcvt=1008&p=649,1065,899,1365&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1277783336&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676831422190&rpt=757&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9550 2 KB
2 KB 4ms
3ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13107880&p=161944&s=1035980&a=4883487&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 3f1efffc326249e312dabbdb8b31eb20d8a06f0dacb5fe3d7283eaf873543acc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 19 Feb 2023 18:30:24 GMT
content-length: 1786
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/4038/ Frame 6FD4 97 KB
33 KB 419ms
5ms Script
application/javascript 72.247.81.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/4038/smart.js
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035980&adId=4883487&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=468x60%2C468x90&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.5080850017706195&pmUniAdId=0&adVisibility=3&adPosition=1162x235&gdpr=0&dspids=%7B%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.81.120 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-81-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 820d36f381dc2449960e751ac386f096ea9bd4dd3215f6675d4220a810e9eb25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 33279
Expires: Sun, 19 Feb 2023 20:30:24 GMT

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame 06F3 0
91 B 24ms
3ms Document
text/plain 103.231.98.211
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161944&siteId=1035980&adId=4883487&imprId=8B52384C-A9F8-42AA-BF00-162A44162FF0&cksum=3758F99FCD9D4C36&adType=3&adServerId=165&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=0&kltstamp=1676831424&indirectAdId=2812952&adServerOptimizerId=1&ranreq=0.5080850017706195&kpbmtpfact=0.000000&dcId=4&tldId=0&passback=3&svr=ADS55007U&adsver=_2509817075&adsabzcid=0&cls=ADS&i0=0x2100000000000000&ekefact=wGryYxRHAQDJRhywhlSV7UYxINB3zNvqSzAP0CJJZmuiuq4f&ekaxefact=wGryYy5HAQAbaGDpRPahiqASOZLKCsjEg8G6z9wG3OYr-eIQ&ekpbmtpfact=wGryY0VHAQCTndhQjT2txaBDPOpj2KAegohlXTefNgYJykrI&enpp=wGryY1tHAQA2Rhxpyf9nNLbC50RMXqzBNCltEd-eXW3Zv-Z9&pfi=1&domId=17501659103364714379&dc=sg3&crID=0&campaignId=0&isRTB=0&ver=7&dateHr=2023021918&oid=8B52384C-A9F8-42AA-BF00-162A44162FF0&cntryId=199&domain=sanook.com&sec=1&pAuSt=2&wops=0&sURL=sanook.com&BrID=5
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035980&adId=4883487&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=468x60%2C468x90&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.5080850017706195&pmUniAdId=0&adVisibility=3&adPosition=1162x235&gdpr=0&dspids=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.211 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: 0
pragma: no-cache

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B823 38 KB
14 KB 5ms
4ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035980&adId=4883487&kadwidth=728&kadheight=90&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=468x60%2C468x90&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.5080850017706195&pmUniAdId=0&adVisibility=3&adPosition=1162x235&gdpr=0&dspids=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144191
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Tue, 21 Feb 2023 10:33:35 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6FD4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72dd06632b88b96b49f46bd011c7285f3b6fca05042a0d168f3d9ecdc78a1d77

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/4038/ Frame 46B0 97 KB
33 KB 408ms
13ms Script
application/javascript 72.247.81.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/4038/smart.js
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035978&adId=4883621&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=250x250&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.15783607696239232&pmUniAdId=0&adVisibility=1&adPosition=649x1065&gdpr=0&dspids=%7B%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.81.120 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-81-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 820d36f381dc2449960e751ac386f096ea9bd4dd3215f6675d4220a810e9eb25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 33279
Expires: Sun, 19 Feb 2023 20:30:24 GMT

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame 3F42 0
49 B 3ms
3ms Document
text/plain 103.231.98.211
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161944&siteId=1035978&adId=4883621&imprId=1554816C-2BA5-475A-A24B-2CFD2C2A7BB5&cksum=14016EAF20FCE419&adType=3&adServerId=1219&kefact=0.050000&kaxefact=0.050000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1676831424&indirectAdId=2812963&adServerOptimizerId=1&ranreq=0.15783607696239232&kpbmtpfact=0.000000&dcId=4&tldId=0&passback=3&svr=ADS55006U&adsver=_2509817075&adsabzcid=0&cls=ADS&i0=0x2100000000000000&ekefact=wGryY0hOAQAPpdfbhcCQUaWsGxONdS_GolrPTDQ_aflcPcoo&ekaxefact=wGryY2NOAQAmmZPgEe7mfgf3-QVZr3wSbrFg4q2VCLONQt1k&ekpbmtpfact=wGryY3pOAQDdVKFFDoT8cmGechT6m4g2yTNEeI1URWVJ8DVx&enpp=wGryY5BOAQCEuthmG7htZr9COndLBzbgK0EAbLy6KiFdYRrU&pfi=1&domId=17501659103364714379&dc=sg3&crID=0&campaignId=0&isRTB=0&ver=7&dateHr=2023021918&oid=1554816C-2BA5-475A-A24B-2CFD2C2A7BB5&cntryId=199&domain=sanook.com&sec=1&pAuSt=2&wops=0&sURL=sanook.com&BrID=5
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035978&adId=4883621&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=250x250&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.15783607696239232&pmUniAdId=0&adVisibility=1&adPosition=649x1065&gdpr=0&dspids=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.211 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: 0
pragma: no-cache

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4811 38 KB
14 KB 5ms
4ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=161944&siteId=1035978&adId=4883621&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&inIframe=1&kadpageurl=sanook.com&multisize=250x250&schain=1.0%2C1!streamlyn.com%2Cbsrvptr10010%2C1%2Cpublisher%2Csanook.com&operId=3&sec=1&kltstamp=2023-2-19%2018%3A30%3A23&timezone=0&screenResolution=1600x1200&ranreq=0.15783607696239232&pmUniAdId=0&adVisibility=1&adPosition=649x1065&gdpr=0&dspids=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144191
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Tue, 21 Feb 2023 10:33:35 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 5ADD 281 B
410 B 8ms
4ms Document
text/html 184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=au&co=sg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 18:30:24 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49BF 0
10 B 5ms
4ms Image
text/plain 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oVK1tQ
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2665 489 B
858 B 4ms
3ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78832746&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 0db4633895b56c7c361718436ac80e9b38e2ff0da967b7a6a8f2c74751f149de

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 19 Feb 2023 18:30:24 GMT
content-length: 489
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6093 489 B
734 B 4ms
3ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21394807&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 0db4633895b56c7c361718436ac80e9b38e2ff0da967b7a6a8f2c74751f149de

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 19 Feb 2023 18:29:32 GMT
content-length: 489
content-type: text/html; charset=UTF-8

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 5ADD 33 KB
10 KB 4ms
4ms Script
text/html 184.31.5.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=au&co=sg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-5-52.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 91ca25df885bd981eeae4ea03d889d85de8a71b58990610cf08e2ebd55b8c37a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=au&co=sg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:24 GMT
content-encoding: gzip
last-modified: Sun, 19 Feb 2023 08:05:42 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=48891
content-length: 10006
expires: Mon, 20 Feb 2023 08:05:15 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831424147&oz_l=212&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK pxd Show response
dps.jp.cinarra.com/ Frame 00CB 95 B
220 B 85ms
85ms Document
image/png 13.115.197.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=85D19C09-7095-475E-95C8-9F29F99AFE82
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.197.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-197-76.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: keep-alive
Content-Length: 95
Content-Type: image/png
Date: Sun, 19 Feb 2023 18:30:24 GMT

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 36F5 43 B
213 B 70ms
53ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 19 Feb 2023 18:30:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A60B
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=43281262af9e4dacbcc0d6cd1dfc3741

42 B
319 B

4ms
4ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=43281262af9e4dacbcc0d6cd1dfc3741
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=43281262af9e4dacbcc0d6cd1dfc3741
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F68B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BkkwXAyr1PtOs55&gdpr=0&gdpr_consent=

42 B
325 B

5ms
3ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BkkwXAyr1PtOs55&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 19 Feb 2023 18:30:24 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:BkkwXAyr1PtOs55&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/d601d38#rel-ec2-master i-03b21858210cde1c8@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4073
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1dc34205bjy0

42 B
338 B

4ms
4ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1dc34205bjy0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Sun, 19 Feb 2023 18:30:24 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1dc34205bjy0
lws: 90
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DD31
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1676831424236
https://ad.turn.com/r/cs?pid=45&rndcb=2153387325
https://sync.1rx.io/usersync/turn/7626325209235729978?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004

42 B
254 B

4ms
4ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
etag: RX0da3ebde8a554432a15e90d171b0f3cf004
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 9DCE 0
230 B 155ms
4ms Document
text/plain 3.1.14.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.1.14.27 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-14-27.ap-southeast-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: aws-apsoutheast1c-delivery-3

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 5D14 0
44 B 748ms
247ms Document
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-length: 0
date: Sun, 19 Feb 2023 18:30:24 GMT
server: b

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3C26
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

4ms
4ms

Document
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Sun, 19 Feb 2023 18:30:24 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame D632 43 B
277 B 710ms
188ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sun, 19 Feb 2023 18:30:24 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-17b8f6052daf@version_1.535
X-core-time: 0ms
X-server-arch: v2

GET
H2 200 qmap
sync.crwdcntrl.net/ Frame 9550 49 B
264 B 31ms
28ms Image
image/gif 52.220.69.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=85D19C09-7095-475E-95C8-9F29F99AFE82&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.220.69.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-69-171.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.3.58
content-length: 49
expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 9550
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=85D19C09-7095-475E-95C8-9F29F99AFE82
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=85D19C09-7095-475E-95C8-9F29F99AFE82
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fc27f817-c102-45be-a4a9-946d92ae0cbe%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=fc27f817-c102-45be-a4a9-946d92ae0cbe%2C%2C

95 B
123 B

47ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=fc27f817-c102-45be-a4a9-946d92ae0cbe%2C%2C

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f91d4e2a-9548-4c26-a952-3061050615ad&ttd_puid=fc27f817-c102-45be-a4a9-946d92ae0cbe%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A404
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
393 B

191ms
189ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 79c112d33a0b6bb8-SIN
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 79c112d19f686bb8-SIN
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 56

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D127
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=

1 B
72 B

4ms
3ms

Document
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Sat, 18 Feb 2023 18:30:24 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame F1BD
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
422 B

186ms
185ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 79c112d33a086bb8-SIN
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 79c112d19f6b6bb8-SIN
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 290

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CB82
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=

1 B
53 B

4ms
4ms

Document
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 19 Feb 2023 18:30:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Sun, 19 Feb 2023 18:30:24 GMT
expires: Sat, 18 Feb 2023 18:30:24 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A04CF4C630214E7CB0E94D2E6C11D176&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 21ms
4ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 2716
etag: W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3703

POST
H/1.1 200 984.json Show response
id5-sync.com/g/v2/ 456 B
1 KB 361ms
360ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/984.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

c63afc220153fc502af3f1edcb3c29d7c36b6ac56abe0da8c45ddbdc9cbb4066

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H/1.1 200 617.json Show response
id5-sync.com/g/v2/ 456 B
1 KB 407ms
406ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/617.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

76ba7acc9e7363a9d83129acc1746cda8a71b0ae341666986ab3215fac413d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H2 200 VideoBidRequestHandlerServlet Show response
sg-wf.taboola.com/ 9 KB
6 KB 283ms
282ms XHR
application/json 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1676831427166&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1504&pt=709711385&tz=0&viewable=true&ddast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1&panid=0a1454e7183926fa8576f4dc4b0616d539388b205627b0d7ac4b6f8e4518b1b0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ebe2cf4886432bd56fbe032b59134af581181a41a31b99363370d0a966ea911e

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:27 GMT
content-encoding: gzip
server: nginx
machineid: 1310
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <http://taboola-d.openx.net>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 9550 0
128 B 5ms
4ms Script
text/plain 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161944&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2665 0
48 B 6ms
5ms Script
text/plain 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6093 0
48 B 4ms
4ms Script
text/plain 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 07CC 47 B
226 B 4ms
3ms Script
text/html 67.199.150.81
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10688028&p=161944&s=1035978&a=4883621&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 19 Feb 2023 18:30:27 GMT
content-length: 47
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831427155&oz_l=43&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame 6FD4 13 B
317 B 30ms
7ms Script
application/javascript 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=4038&siteid=549192&pgid=1731271&fmtid=102367&async=1&visit=m&tmstp=8510886442&tag={{SAS-1731271}}&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&noadcbk=sas.noad&schain=1.0,1!streamlyn.com,bsrvptr10010,publisher,sanook.com&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/4038/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:26 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: application/javascript; charset=UTF-8
cache-control: no-cache,no-store

GET
H/1.1 200
OK ac Show response
prg8.smartadserver.com/ Frame 46B0 13 B
322 B 27ms
6ms Script
application/javascript 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/ac?nwid=4038&siteid=549192&pgid=1731190&fmtid=102366&async=1&visit=m&tmstp=1355938841&tag={{SAS-1731190}}&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&noadcbk=sas.noad&schain=1.0,1!streamlyn.com,bsrvptr10010,1,publisher,%20sanook.com&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/4038/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:26 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: application/javascript; charset=UTF-8
cache-control: no-cache,no-store

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5782 0
0 8ms
7ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021501&jk=1480862139159060&bg=!NTalNmLNAAZYlHKzeJQ7ADkAdvg8WgZAu0FB3H-T8BB11pZIxvGyONGb8pO3z1f2lvGNiHSZivfHdhn5rPmpidelWxHJ18OBMbwCAAABdVIAAAADaAEHCgCW2paRb1I5OhF9uruqIPV79DJ-xYk5REtw_M9sRz-HsJe2OqG1VHU41rORrIQgrgaO-alIX94HvdoTvU_5fLS6AuDADNUeD3MQ2ZEUDPwyROyb8oqQnuPZUlSa52rkjSNSrooyt8mEqmYyijYUCXbQrfltEh3HvjJ_URgz-k14S61VtTfBwmeTO3ttsPLJ8xzBX_F_OirkmQK7qyTOYrrXUH3jfbenX72EXwjx7GeEgkzd-gc3QUUhmY1URW6XJvBGoSVKAwwOeSZpHLxXfjLBtJxHZg3vyYtjEnd_UE-d4uDdKQrXy9XFUuGkcNSh9EL8DSuEZh32NOXdOtCNNOHG6jiwk2qph_jobpOxo5-y9DryLwzcZrrsOQrF896YJ0acpc7gYw9xPe5-TkVt0dDtgB1FTViGhaUwigSJDuzRWUDWjyxFumCtYDEmEfyfv_pulBDFY2jyziy96j-Dfz7PPWiqlBGOl4ZJnZSg_fNIRhAl8DsfDkYlUTGWvkx1ReIPetROWXqqSfQeBzp3uBySQBcnMZdjpMspMfirZV5-H5AULRt418Q5dFmyFPUeIMMXoVVaQ-U5zvlCc8i3wclOCKQ3aI5buq4v4ABBogFbH30gAa13vOqAaMp9MxOrGazkogyrUpCPk89vxEkkNPRoSoxhL_mNKg9Io_ETG-TtWLiRQZgalvWA56vD6q6ZZNkFXNmjK9qXRXlhvrhv9Wu-DRZJznQtMBDt4-OvfoNpngpGJ6VoN_cEXKtWwPdxjSipt488elnAkl61jODB9Ci4d6vaj-hfQM1HF3KEneH45K9FuUVn2wRHWJDZTbGrvi73yJQLCt1mwmCkgN1U8SofE8UmOCPywmAYU6P7j88AcTYweqy_I-9tHDMgifgMG74i89bpFYJ9jA8CvZp0BjGz_vU08CZV-7KB3GS3UHZv2MyJSx5OI_wCI522HANVVL4uMKuDX9JrBojCjAk_KBBatvlNHMC_i19Cs7KjPaqmWuAKIkn4eR4IC1yNNdAZUx7CnqFHwzEfgmQiPd614-PwYNJ2nrXgW0hgaaHM6AYSqX3RAoRiI1IQhPTHNk0CjRUqSiSv9hlfKpfDwDtyXi5V37Wm55HamuzWYiG7dH4VzGMk2ENR
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 019F 0
0 7ms
6ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021401&jk=242270831383780&bg=!6uml6b3NAAZYlHKzeJQ7ADkAdvg8WrAlImHdMSzbGiwuhxgo_7V4TcXx_1oixmtpF5EuzOtYyXmHhmqqKQOg2u_zvm0xr9xs7wMCAAABY1IAAAACaAEHCgAynGH4JbVFpvbCLJ7qxB8XuKIePgreGrl2YXpWaoPczqBaEITeLQicMPWxUutyP7H8pWiZArqDWvnMh3bam6PlHODqaknYi0pX9GJ7bR9FLu-4OoahylleCasbrDJmXnHVpgAntwrJpRMelmOz0MJDQvZaB8Bk8QKKkJcNgW4iQk6BK9CGn0cWnkT3K46Ek6rmArE9Myli06UI5SYFyCmCrQCc2xnkc3iogo8QqQDHEmYOz52ucSqD6o0sGP8X8wCbkLfUeLwOdVji4nX3qSjORSh6rpeC1pM3SGDElVjO0meDQ-pqed8Hk1BTqUG3UXjActGjNa68-E2-qY-Aey2aHiX0d_4_ecgFaMqee8SdoOvwfJsPE7iAKhCGZAqFPyTWUQ_aWwjQweP5VKhJvFrhP8D8XzBH4dRvNOiK5pCAt3K7ugyAGCRI_xk7VSN7obbLI_u6-IdCeMmhj7CU-bgVx-MeQjUMmTPAxLzUskM8qVmrcnhptM7QAUFIPyQSE16IDNPiU2xwGUiWk_iGeTwQNluRkHZbyAepkJtaWO6EZd_IV5Hm-656JMV9sIw09WhEyN4SoXYNVnV5yh_bgprvCDUxD9RS7oxN1N7ycfIqqzQVB4aI4StFgHuBVIQsxu7Lu9mqGb--rkOAd6tmq9ASZtQSi6BXa95TY755DGhgSlb9HgFanFelujSVWrPqoxfHPNHFqkd2-9vIcmmyIlQMYuXs5CKnPPOcTXClylBcPqeYqf24IPAnDHj4zPOkM9JYFHQa5Loqu9LyQO4sRuSdbEfXzwlwHIvrsgkiq-4D79YNP0EKQefoMqWPc7AmsSjKkkfzaQF0IHiCXmJHkhJmgQJ2JCk5qm-ZKbFqLT2XQqTxyXDlzMRt4GbzCN07sBkExcVQpVZu7-QHqR2R8V6edWnGu05M5xswEMqgC-ntjCbFRAuALQ6kcpO-pwjF1Fu-RN_b8gK8V7SI2UmOIo3aNrFi3VTyCOlRD2VlG8CWgg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EDFE 0
0 7ms
6ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021401&jk=3004544973668878&bg=!i4iliNzNAAZYlHKzeJQ7ADkAdvg8WvFF7AwjtXFnc-QUBIwL_oOwdHYRUlQdtSsh4VqCLU-3t3DO39rCWTB1WDXzPpgcx36kVH0CAAABFlIAAAACaAEHmQLqUgO38Gcb4cudMWSnbuYl5F8qWTfvWLuKveWBjDPP9TLIF2N32fF7ppyLv7h_sLuoDUyiDUKLnyF5LL-p5YCsVOzQcMfNa8fuZV8XPeVC1Bqkxxxwm-04xlHeAsPdEW8uhIl89u5TI7Dr8yvFhPqqHsdtCx1aq5ZtogHP3YyRgmIBWOBT4jGxSGSaGQPiHlO4jUDOm4BVaC0lT9z14_AV-ptr5bNKxEipknvmnpEbc2WuFpoZxlqfCK-vPLu0DzOBIU4GbrGuTpQmrJ_XzORSQRb9f_3fWxBgdO3i2F70oso2bXjWHoPkWiXpC5tR43z7Xj3LkJ5rtR2ZDJw3hGpGYPl_F88Vxl4bizlagNDFLQQCOiTgkCgsTJUTaFVP52RXvtZ19tp6LT05_T2vDYQG7lqYaTrexuwM-HOaH3nGsfW6t_Y-dASOXqnggGjcSgvQOjFExUdeOlqsJ_t-mb-Lg2TAZUm6g0kOxTgB9aKUuAFerLHRY87JVJnB2-tFon6n1dIt1PkoDnlaezfSd3Sik1vWCwhJF70Y4TcSWjtmfV4tV9BBmIsmkZsuFHYJyB3z7Bd8u8Hxy7utw71FZ1X51nh0gwnN4TPlDNCAo7H4sYUwcqWFAF9ERngBV0_u2a5Yh6jNKN6DgNbBDwTrB2IvHoXp_VuuNliUXRkI0H_Zc2sYW_MYx48izb0xa4JMp1OHjRkuqnT-PubBZpzD9Pf64JNkuoooLnlg8xcRX_rU-tiqHAhqRjJm0jb4GxJtO5BdF5puJujFLaK0hBSpSWMCmZCv9j4i9Z5Gdb28rx0PurVhm2E9IQ9iLXtr-08Mg6ScoeMM4MmPgD90PBuRa2JRXd0M4o_UaJSZIhTgZlxB60qIfqq9zXAB3tYX7rbzq9kfNnxVZZqS039n0n42r26bSJYaqtpqr9gyyusFv6bx_1JU5felEf1CVngp5f6zcfApn3OxvM-sf5HdGhVi2zgHk2x21D2ZxUrWu2M
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4C9 0
0 8ms
8ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMcWFJ7x5-tKMEIWq5Xqi-JdKF4pdvagMa-Z3wuywKuuqjqJl5Z8npj87a-ZusKu5xrpgH1i9aH_0-3jw-eNzRzMXu9lVJ_wt_OjTV0QNKloYFR1X5jgN5CE1nDjmAugkVhnwT75Bz0wOkPW8lJ-7f7-LRrIcmvqnBK4rW-9neYMkOxqHvLSRyNBKWD1Vwpg4u0lTPDFM1zi4zZO1M_7A9it8Ao53dM8NyvKypvYTutA7RocRyl6C3IgWIusEDkTo1HZ-CHf7XtoVJd-AX3Xb3VTgjyPhVccuxdhTtOvgfSG72Vbo-QGiwJ3B3eSWNkw066BXaZHs8RhWCSRJCJivZhIAzIuz1yxUJyyYX6oR4uBdHYOZiG9Xau5fMqknFCJs&sai=AMfl-YRvUzfD7xveRMW9mxETh32z6hEyKTKa-bc9rjOV-XYg0TLjXja_QiXC-2PvQevZa7R32DGV8jXJGgLlj1e8zbW7OWvhyLbMBb4gO7KRVakaZnW_Wm7pUcSWsKx4G6w&sig=Cg0ArKJSzC8A6oSCIgoeEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:27 GMT

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 14ms
2ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 18:30:27 GMT
x-amz-request-id: 2VYJ2ZZQDW67SXRW
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9086
x-amz-id-2: 2bClx9J7A8JehkT/9vrsYSuEHA8oXbCMvHWhERG7ExHR2PfJY4iaajLEd735wWE1Jty7YLTF3Z0=
x-served-by: cache-qpg1268-QPG
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1676831427.259638,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 168

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 10ms
10ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021501&st=env

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78991fc1ee9f793ef30130e2bd28b7cfae7bd511c50b0703cb76955a608d693b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11260
x-xss-protection: 0

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 5ms
5ms Ping
image/gif 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021501.js?cb=31072498

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:27 GMT

GET
H2 204 social
sg-trc-events.taboola.com/sanook/log/3/ 0
362 B 6ms
3ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/sanook/log/3/social?route=HK:SG:V&lti=display-desktop1_var&ri=f54a7ec18e489a1251fba8a4187c021f&sd=v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ&ui=e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c&pi=/horoscope/73929&wi=1064185260234338568&pt=text&vi=1676831420204&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22like%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%22S!%20Horoscope%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs.isanook.com%2Fho%2F0%2Fud%2F14%2F73929%2Fm.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A30%3A27.280&id=5383&llvl=2&cv=20230213-19_b7-PR-53447-DEV-119237-display-to-native-feed-desktop-rollout-e3e866e8b75&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 19 Feb 2023 18:30:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FD4 0
0 7ms
7ms Fetch
image/gif 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubC8A0FwdPmWj-qB3dulV1Gbf5nPn5VarguBlzGdU5_Rk-1AQ-IaUX29hXGJEUNUAprdH9F9Y9bZlfSNLyQ0qZZY0YZHFGdtaZUtYm3U3qphcX3WTJxLLmIxz3qp4rzGZfYUSOXkfIWl-YDpMRuISs7Guw544qamAUF85xktj5LovBIZZ6HAhr1ghOtzbZ1gRVtKKYtAj6OCKpOzzXgd4b6wphhqe5g4wpfRR-8Q4_IJ9d7WkYzSOQFChda1LfAecrvy9j5-HvKqVnNH3SihTEH_MsmEV2hRnZQH1TJsQZ2HOZKvGcjgyuSSvJOYFSetqPSGIPHTaf5xbB935-j5PxZCA0rpQ8tKEjdbKAm4qmxS3HRSXMBfAmB9z8q6Y10gtclDPlwhPWSgZ8lPNezeVoEBY&sai=AMfl-YRwmXPAcL61Gpbv1LsLsY0hlYi7kRsMUvcesxg1wBslcabWNnMl4HxeEs87lReszLtGK7QGnOMSiiaYDSFm2V5jwEa5HpgQ-lLbYxhjtKnS00czhCqhyt_s-uHKMvA&sig=Cg0ArKJSzHafPCW5NGqbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Feb 2023 18:30:27 GMT

GET
H/1.1 200
OK 8f062114d3 Show response
bam.nr-data.net/1/ 57 B
555 B 286ms
226ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=12090&ref=https://www.sanook.com/horoscope/73929/&be=3290&fe=12041&dc=4477&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1676831415203,%22n%22:0,%22f%22:598,%22dn%22:599,%22dne%22:726,%22c%22:726,%22s%22:754,%22ce%22:811,%22rq%22:812,%22rp%22:3262,%22rpe%22:3816,%22dl%22:3265,%22di%22:4153,%22ds%22:4477,%22de%22:4481,%22dc%22:12041,%22l%22:12041,%22le%22:12046%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:27 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=iso-8859-1
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 79c112e4feea9e38-SIN
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5295 13 KB
5 KB 7ms
5ms Document
text/html 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 19465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 13:06:02 GMT
expires: Mon, 19 Feb 2024 13:06:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A06 783 B
535 B 8ms
8ms Document
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d2f73f006923b6bed7fe6a9a3255c9ad1f90e6eeb982c5c4e8d7e2d573e6ea9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U1UEan91lCymQL4307vc8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-U1UEan91lCymQL4307vc8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:27 GMT
expires: Sun, 19 Feb 2023 18:30:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A06 0
0 6ms
6ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021501&jk=1470658175133945&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5295 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 11:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:24:00 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 3ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831427325&oz_l=447&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5295 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w_guSw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 av Show response
taboola-d.openx.net/v/1.0/ 48 B
270 B 139ms
87ms XHR
text/xml 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?auid=540790696&gdpr=0&us_privacy=1---
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 av Show response
taboola-d.openx.net/v/1.0/ 48 B
248 B 145ms
96ms XHR
text/xml 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?auid=540790697&gdpr=0&us_privacy=1---
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831427501&oz_l=66&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 37445a19-2c32-4756-a5ac-734d5fdb3561
https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/ Frame DF77 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/37445a19-2c32-4756-a5ac-734d5fdb3561
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 802
Content-Type

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831427667&oz_l=755&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 7ms
7ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021501&jk=1470658175133945&bg=!1Nel14PNAAZYlHKzeJQ7ADkAdvg8Wp-A6eaSJxQuX7FAzcb3YLKFh0LlgvamD2NrX-RIiz7NwMch1p5zbz2LA4UtUBkuluL9FhYCAAAAW1IAAAACaAEHCgCmwt5XuNVlsIaGqnrmfTO2q8GWOoQVT9sU8rrW9x_GmxxePNaj7e7TdXivwgo5GIW8wveUSr7FwfYcFBSD34Oy8mdyKGCQfK6COzk_J_vTVcUbaLhgAZEBph0-I8S9wdXC4iiIh4SLpkJuEQ0pgqYZ2WOJYSM_Iqk7WU9N6aa926vK4_nO5ouW52SfAUMC8IJp0r-y_qM9Rn7c8RSCiWDZP06TAeUpR5kCpAqP-CP4jcRQ19beAVXveKsQaE-Hv_IuXplFA-FhMg9RzCujUjj2Q3ycKdb06HiO_Gzi-Xu3CEWFZa88Y2twYpL1-N78uyG2pi9gpZY96J9JQcY2sD_V7UfQNe_vwm8sczfXZJJmwB5ecIjMR-nViZWuZuuXXePz5DDHvx-z0ZkOKzu6exlckVFlQoT15SUbdmae596bvn-SsyczeKYnezCkxUHyetij4aleIG3bcUGBOstqmblXq-4gJJVMQamU4nkuXb1Ck19sJ52n4d4nUST0wP61HhxcfONbThJxDL_AM3nCDfOWxl0lAFLl5dUHTjAONPIUAZwL8m9oLcQu0JaSZ1J1o3eRxTyGc6Y92d3MXF-PPBkIO5sqL2LkrCj3TpH3U7Lx6ah3qrcT6pniXA6SjDNJZ9lwvAyURlbrLOKaeNfXV8vDafJlFjP_LucS5yiA9Bhmkzxzsa_jDBa3xchRRxH2MKJmkeMsXjWhIf5FgzvOj4wUXGXHShIeGB18n9FAfLU6gRZM9Xd6Bn_SZHcvR6plLiU9qjH7ch3tvN2jyi1pHiMEA4R8WZgT6OKVg4aldf-GjyXGC4h40VuuckC1HzkRP4LNbNUeJQ18tT3tGBIpzTfrgicLDyMZQjH8wYAr723HKhIOA6evy0mPuaLxOKbdOkcMEGs7-0GS8DeFI5jAKgHIiVP2frjjY-1PRstMK81yroht0swgLS2s-6R-U3j5thYWRA8IMFWaTPQZ5nxCNKxM95H7F_d3oQSZYdtO4QcQwbsnAvBz5ovZ1K4xE2sEqQzVQTzaXBmfyI0jQ1Z8bJIkL-nlkNnm_6obduDbcMUuW_oz96qliC-aEuRzwevzxFSHg0nddAryl34GTx7zhqZ_uSDCBmH4hapRP1oR86Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
4ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831427960&oz_l=5565&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:27 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831428976&oz_l=616&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
4ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831429008&oz_l=228&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 all
csm.as.criteo.net/ Frame 7833 0
127 B 4ms
4ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 18:30:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 9ms
8ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831430524&oz_l=46&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 OpportunityServlet
sg-vid-events.taboola.com/ 1 B
119 B 17ms
9ms Ping
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_5_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sanook.com
date: Sun, 19 Feb 2023 18:30:32 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
sg-wf.taboola.com/ 2 KB
1 KB 189ms
189ms XHR
application/json 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=357&height=200&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1676831432206&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1504&pt=709711385&tz=0&viewable=true&ddast=V7yg4CFgMtJZNQBpbcQwQtJZNQBpbcQwUAAAAGBuIHJGEbjDbL0W4t2mxca9HEN3MrnJvNWmaxLCaTjW-2WKyMQBK2wWizHO3Wos3GtRZNfDO3wrnZrGUWy2Iy2fhmi8XKCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bTtB0Onyue73u97trHna_32vX-N1-od_y93z8hpdft1lOlns5AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAAHMkzNPucxj-lpc_AAAAAEAAAAAASAAIOtZKACywqk7-_________2MG6DNvZP7___9vGHoAHnwAHoQAAAAehlbJ10QW8P6CiAo6ihgBAAAAnPlnSh9N6oTKour__7_fCuAKACDAUA3-PSpLd1DiLQwAAEBgbIEeFr_f7LBr_G6X_f________-b_Z_9o_2MXiukCT3Pzqj9AgIArP0CAgCwqRsAwFsAXNARtGIwWN1ArlazAwAAALj7____1wMRw2qxmyx3q9HGNDNsnMvZzLew2BbLzWplGDmW28OsxEkRcPtQ7AsRltnvOygop6fH7DKIiq63xe5wmj0H8UHDsJwMovlN2GK0mkw2y-FsuZgMhqPhaLS_gVgMBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCFOmjc0zM6zcEpNvtxZNViu3xGYYrmUOw2hmWe2WM8vKLXp9TA-XxWbYbLwoGDCyF8nTIp3IXKOFb-VxDFem4XLhmKwWM4vDuDAthruNYbKYWcQSzckincgu-4phtdhNlrvVaGOaGTbO5WzmW1hsi-VmtTKMHMt9y7SxeWaGlVti8u3Woslq5ZbYDMO1zGEYzSyr3XJmWblFr4_p4bLYDJuNvzHbzYabxWgy2Ddmu9lwsxhNBvsOneG7-pyNnsvB3HGpL99z5nZzGBQug8X7PVik0WlnZ_S5DBeLamzaOSZWod_v9_v9fr_f7_duzAaPwWD4Wc7Hvtiv_RZOnu_GezAqYongIp1oHna_32sRS5Smi3SiF_otf8_Hb3j5dZvlZDkRSwSni3QiehlPF_UfH2KwmUtWo7litZlLFoNVAgAAAAAAAABYwpR5EwAAAIDTQGbL2W61zoMYzUajwWq5AA9wAbo_vGaYs682tbsOxL7bG3lxCMWNHxvMw-73e60MACGYzbz5M0Gs1WpZAwAACGADAAAEcOvmLQCLif____-PAwAAkJGjBwAAEN8HMvLCjVov_OAfaNVg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1464405&dpubid=269675&abtst=ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.sanook.com&en=1&panid=0a1454e7183926fa8576f4dc4b0616d539388b205627b0d7ac4b6f8e4518b1b0
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 189d9dc549211186136046f98718fb75051caf74b32c5e62dc67980c9d89b4f6

Request headers

Referer: https://www.sanook.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:32 GMT
content-encoding: gzip
server: nginx
machineid: 1312
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cookiesync Show response
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain

https://ads.aralego.com/cookiesync
https://cdn.aralego.net/ucfad/sdk/apac-sg/cookiesync

5 KB
6 KB

27ms
10ms

Script
application/octet-stream

2606:4700:20::681a:567

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/apac-sg/cookiesync
Protocol: H2
Server: 2606:4700:20::681a:567 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcf8d1528612fbe887733a7d401ca84425e0f0b524fa07d543b277d1e66d9f7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13911
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5234
last-modified: Wed, 21 Dec 2022 06:35:01 GMT
server: cloudflare
etag: "63a2a915-1472"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOWjsv6zI04HxA1MwnrRzjoaXrn8OptwQviiU5gpNGj8wVBi7p1xl0gZjgywJS0soV9I5dep8NCswR7sVnFbEe%2BdUuhSVpzCfhiRmcx8YKdcywQXgrfOexLzxOB2oU17lxHJ4OMVNJDf%2BSMtsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79c11306bf668932-SIN

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/apac-sg/cookiesync
Connection: close
Content-length: 0

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
492 B 89ms
6ms XHR
text/html 209.58.168.56

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=14px%20/%2021px%20%22Helvetica%20Neue%22,%20Helvetica,%20Arial,%20sans-serif&
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/horoscope/73929/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.168.56 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b131ed7e246611a50c48183544cc5a19cc0195509705deafb1f050ee2c511b0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 18:30:32 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame E800 714 B
612 B 8ms
8ms Document
text/html 2606:4700:20::681a:567

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/cookiesync
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
age: 13936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 79c1130768678932-SIN
content-encoding: br
content-type: text/html
date: Sun, 19 Feb 2023 18:30:32 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDWSv5rqj%2FuaVtkFrg7lZhiTxaGx1kRLA8BOKsCJQ9iIPWbVwCM9BTZAkLKSyBhNjbdXTueYu4uthIVtQfnBZACO4Vs3qWdKScG9Vp4GBWh2Zeh0Ic0OV7aMw23VxrYd8Fy%2FTlKyFgrnYHmiew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

1x1.png
cdn.aralego.net/img/
Redirect Chain

https://sync.aralego.com/idsync?usprivacy=1---&
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/8d500d4b-2bae-3e4a-9c52-d5b9e4fc53a0?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-IUITlCxE2oWGM4zUcaERRAmBcDHT3lAmfmQHPhk-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f91d4e2a-9548-4c26-a952-3061050615ad
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=8d500d4b-2bae-3e4a-9c52-d5b9e4fc53a0&gdpr=0&gdpr_consent=
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Ducfunnel%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=ucfunnel&user_id=k-TuTcRrOCY_fOXrHhclGofaSg9tao7h2gsbr5sg&gdpr=0&gdpr_consent=
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=91f5f182-b782-4407-985c-6593dbbf178e
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=OGQ1MDBkNGItMmJhZS0zZTRhLTljNTItZDViOWU0ZmM1M2Ew&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
637 B

14ms
14ms

Image
image/png

2606:4700:20::681a:567

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H3
Server: 2606:4700:20::681a:567 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3047
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBHyFBDTpyuSnAqlLfcxN%2BdOBzpyh2WQ3HtfpA%2B59AEo0QjZTanCSjA%2FMK96tf9gRXC6FdTHKNKIAwee2AM3Rg9s%2BrExjMnCfPJdXuKFIfvgGQ0SdTDjNgyja99SIJv1Tgt9BYNwi%2B0CM8uEjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79c113093e97464f-SIN

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 18:30:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cdn.aralego.net/img/1x1.png
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E800 76 KB
26 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c87f89709d7e67e66fea5de8c363a18c4a0825d5bf7fcb015cf462016295d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26543
x-xss-protection: 0
server: sffe
etag: "1487 / 983 of 1000 / last-modified: 1676675148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 18:30:32 GMT

GET
H3 200 pubads_impl_2023021401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E800 383 KB
129 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 13:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132139
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Feb 2024 13:18:09 GMT

GET
H3 200 integrator.js Show response
adservice.google.com.sg/adsid/ Frame E800 107 B
122 B 6ms
6ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E800 107 B
122 B 7ms
6ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E800 492 B
269 B 31ms
31ms XHR
text/plain 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4294903571366268&correlator=1222337274404396&eid=31072020%2C31072028%2C31071433&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fifs&us_privacy=1---&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1676831432965&lmt=1644386353&dlt=1676831432881&idt=61&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=wz5p695smfy9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&etu=AGlan6ETtaQrWaHelgV1p1-E_W3eC-cbz76Hd37Au3KHOaxroMIHkyjvnGuxSbU7-oUVP3J4KJ1ADIu_gNf1n_Whb3jEsNCVGQIv4A&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=111646101.1676831433&ga_sid=1676831433&ga_hid=466292434&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f8b975add7259aaa3bbe52d844e1997b11d5038e09fe91dff7b3b8954091919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E800 14 KB
11 KB 9ms
9ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5987d87fd43167885943b63a5707d7b51698e618cc1189be6475ea8ba745f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10992
x-xss-protection: 0

GET
H2 200 container.html Show response
91bfa6d7aec15f88fefe77f96395c2d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8B7 6 KB
3 KB 13ms
5ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91bfa6d7aec15f88fefe77f96395c2d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:32 GMT
expires: Mon, 19 Feb 2024 18:30:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E800 17 KB
6 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 18:30:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93DF 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 19471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 13:06:02 GMT
expires: Mon, 19 Feb 2024 13:06:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 378F 783 B
534 B 9ms
8ms Document
text/html 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e8f7ce6b4e1bbb0e625922f6330a20a30903b2686ad82ddf1249d4d3fa7c5e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I7tLPLTLJSWjnjycUpzbbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-I7tLPLTLJSWjnjycUpzbbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 18:30:33 GMT
expires: Sun, 19 Feb 2023 18:30:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 378F 0
0 6ms
6ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021401&jk=4294903571366268&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 93DF 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 11:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 11:24:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93DF 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?z-xXww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 18:30:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E800 0
0 8ms
8ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021401&jk=4294903571366268&bg=!ODulO2_NAAZYlHKzeJQ7ADkAdvg8Wlrx1O5D5XG8of8FHdlsmAgLuLn9EwD4wIDASyCWgh4bR5K5zHMRo_8uZff7cPpG67Z5GX8CAAAAWlIAAAACaAEHCgCmkBodT_NRRGIn8pT9BXt1lggcghSkTHSOYjto1F2EDsHQxtmZHBWsmcLmpjJUSvIrgMh8hWBzcdzraAlNFdQAeV4AoKYk3qi-i4lDS4sPrh9Gs_rGLN68Yw6RKr5LK_FKTR14AqzoQB--KHsWwo6i9L-qiCahO0P-PMevb1USdGPqD2OgX8UGswSVmSOWMl0yknLdBY8G9UN0Vu6KwmO55R9z8uh1LpkCv6Di-Ep0LsWOVObnyOOSBdOD9tyJFmoyzJ5XjJ7ZKWHNibPxSvREBnpqNMrz_qWY9CvQ1y9h5VNRFTW8Sy0BID10bmCYllMLKBQsS0AjRI3UyQjFcLKfd4x3Eq56BeTIoKq-t08dXIBfUhS84nZUS6NK_xq7jCgwi6Y1JXwiirCRaWhUsIh98ZS_Y4sBnt55oLQDQlL2FM9Nn0DE8AYl7g9jvUVHegKDsnGibYk6zJ0xA6fwnet7893Qh3XVYuU-wYBaOR3qkgRfhu0mlq2UMsJFIYhoTUxkLhEKPDKnl2DMXwpqg_LtOt0olQLt3zZ1ri6hZoC9NPkDl8S1zEUU00xRbSBUTMdlAZhg-bu2WkpCQNlCwJjpCLzhC27AEyxvnq6F-5BWRYIuzVCsrz2X0eyztBcL1qCDPb7X1e2oxyUZ0gQ2lrC58PjZLr_SUJ_lqZzbYKagsF3miOb_haSslgJCt6m0FiAF4A3LZ6Rhquv87ZbFuUVv4fcbsSZv7Vm7QwfdRHzcER0k8AchoYrtRX1-qRmDD1T02FqWWQ8X_pxaixW4fOuVX5B0P_tKL0H5o2MEB14b8at1nrQ1dSFfQfTuocmFDzSx_eGHraM1-dkr7Nq9fU2uBgp_unOMOO-2G4uZowNTZROc2WL10Qt7zGR-x2ElalGi2iZ9nqau7ii3aGeegfg-bYHEPLbGy3vFIVLkOC-qMBkFl4bhVneyh9fBI3iw6LcA9-Em00tInQOpyb9zSZZ4jBHavS6VD2Jf6BLhK_cyS-2Tf3Ak-kbOJVsBKcIhJdLOg0lhZwuCENFJlOXgJUKya1lKd3nsSGt7IhdcNEwRWow2GvCTJNlrc3Djpk1qk7gn9O1-hhlR3X2S46gqVdpIaLKJKH70H2B9xrDk_cJEI06omuVSYWrbFAs0aSHjmdg-EzA4RUNIgUk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/ Frame DF77 0
145 B 4ms
3ms XHR
text/plain 3.0.71.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.acexedge.com/2/2.88.0/tm75/AdSEhokJDAGp5TnU/postback?ci=tm75&pp=94706&si=437230&ai=4118259245&di=www.sanook.com&sr=540353017&account_id=461003&ui=&cb=-746748808518054223&r6=cc7549a53275a71efee9e4d8effbb10c&ap=&ac=718694&pc=2537431&dm=15&md=DISPLAY&ti=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15.1&c2=1&dt=2926111444050714666007&sid=AdSEhokJDAGp5TnU&oz_sc=c4acd86dfa716b6e3d44a574&oz_df=1676831434140&oz_l=91&cv=3
Requested by: Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.88.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.71.181 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-71-181.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Feb 2023 18:30:33 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.nex8.net
URL: https://cs.nex8.net/cs/openx

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4IDDee6qF3bPVkL3yYBtB_R_HqCOWrEsEY44xqGnI5mdTgv74jYEDoGp6JxqxOtK6diHrREfx2lF8Pp9_5dfATxAVYaVb-E7epIJyMsCpx9dMdyXI&sig=Cg0ArKJSzGBZ89X6iakMEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3364664086&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1676831421057&rpt=302&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKlrWelS-VT131IbB-Lp8T0QrrXzNjmFY2BEXQNNzHhgVfvVM7GFetXTDXJxGJhAoPzwYiL4ojAYZVULX8QvUFZ8F0dvjikAwjeHVdBeeJWjE3qyrH&sig=Cg0ArKJSzKjyEm19TBn_EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230215&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=178697795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1676831421753&rpt=491&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

702 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

198 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sanook.com/horoscope/73929	1969-12-31 23:59:59	Name: verify Value: test
.taboola.com/sanook/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_b051729754c4f0c996f7ab61935e0d19_e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c_1676831420_1676831420_CNawjgYQgeA9GKzew9fmMCABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaOey1_X_v7aIgwFwAQ
.gg.gg/	1970-01-20 18:32:47	Name: __ddg1_ Value: unnM8704kHFJS8EUWvA9
gg.gg/	1970-01-20 09:47:18	Name: ci_session Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22a6e15aafe97d180d6e1adbf1ce230227%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%22186.2.160.6%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A116%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1676831415%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D58b6cd43f458e44d59948cbb0d7fa1f1
.gg.gg/	1970-01-20 11:56:47	Name: gg_token Value: 9eb9f2164cd07758fcb2ac990105acf863f26ab7a546d2.84660247
.sanook.com/	1970-01-20 18:32:47	Name: sa_optout Value: 2
.sanook.com/	1970-01-20 18:32:47	Name: dc_optout Value: 2
.sanook.com/	1970-01-20 18:32:47	Name: ads_optout Value: 2
cdn.taboola.com/	1970-01-20 09:47:22	Name: abLdr Value: 10
.criteo.com/	1970-01-20 19:08:47	Name: uid Value: 7a472b81-c9b0-40e9-9518-260f5df784dc
.sanook.com/	1970-01-20 11:56:47	Name: _fbp Value: fb.1.1676831419723.305594148
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose45879 Value: 1
.sanook.com/	1970-01-20 18:32:47	Name: _uid45879 Value: 83E8F0A8.1
.sanook.com/	1970-01-20 09:47:12	Name: _ctout45879 Value: 1
.sanook.com/	1970-01-20 19:23:11	Name: _sa Value: SA1.2.988410274.1676831420
.sanook.com/	1970-01-20 11:56:47	Name: _gcl_au Value: 1.1.2123472593.1676831420
.doubleclick.net/	1970-01-20 19:23:11	Name: IDE Value: AHWqTUnzkv6ZIcfrfxmYPlA4stjPbSMdUrEiXAwfYnRG37DwLbvyvUfvJpraYo4x
www.sanook.com/	1970-01-20 10:30:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.izooto.com/	1970-01-20 19:23:11	Name: IZCID Value: 8753f5f2-5592-41a5-aac1-236fdaefd7f0
.scorecardresearch.com/	1970-01-20 19:23:11	Name: UID Value: 17965468a11e172de8b4f371676831420
.sanook.com/	1970-01-20 09:48:37	Name: _gid Value: GA1.2.484108671.1676831420
.sanook.com/	1970-01-20 09:47:11	Name: _gat_UA-8147095-6 Value: 1
.sanook.com/	1970-01-20 19:23:11	Name: _ga_M0RYDTKBFK Value: GS1.1.1676831420.1.0.1676831420.60.0.0
.sanook.com/	1970-01-20 19:23:11	Name: _ga Value: GA1.1.435404951.1676831420
.www.sanook.com/	1970-01-20 09:48:37	Name: freq.5f73e63e47e7040e00000000 Value: 1
.innity.com/	1970-01-20 19:23:11	Name: iUUID Value: 9c59882b5e15c350eb02fed7fe10c69c
.sanook.com/	1970-01-20 19:23:11	Name: iUUID Value: 9c59882b5e15c350eb02fed7fe10c69c
.sanook.com/	1970-01-20 09:47:13	Name: innity.dmp.225.sess Value: 1.1676831420534.1676831420534.1676831420534
.sanook.com/	1970-01-20 09:47:13	Name: innity.dmp.225.sess.id Value: 52678624.225.1676831420534
.sanook.com/	1970-01-20 09:48:37	Name: innity.dmp.cks.innity Value: 1
avd.innity.com/	1970-01-20 09:48:37	Name: geo Value: AS%3BSingapore%3BSG%3BCentral%20Singapore%20Community%20Development%20Council%3B01%3BSingapore
.innity.com/	1970-01-20 09:48:37	Name: iGEO Value: SG%7E00
.innity.com/	1970-01-20 09:48:37	Name: iSync Value: 1
.taboola.com/	1970-01-20 18:32:47	Name: t_gid Value: e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c
.openx.net/	1970-01-20 18:32:47	Name: i Value: 6a19c8cb-10df-04bb-370b-74ba8576217e\|1676831420
www.sanook.com/	1970-01-20 18:32:47	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3De4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c
.yahoo.com/	1970-01-20 18:33:09	Name: A3 Value: d=AQABBLxq8mMCEGdTrTrYmEvyBTD1OnNh1_0FEgEBAQG882P8YwAAAAAA_eMAAA&S=AQAAAk3n3cu_V-XtoCX0_5ULQJQ
.teads.tv/	1970-01-20 18:31:21	Name: tt_viewer Value: 2bb0ea46-0b70-46f6-91fd-583c75cd8a79
.sanook.com/	1970-01-20 19:15:59	Name: _cb Value: Cn5MfxfS3_9dn7Km
.sanook.com/	1970-01-20 19:15:59	Name: _chartbeat2 Value: .1676831420805.1676831420805.1.BUbEwqD5-G-0CkbA1CCF8i7oDGNP-B.1
.sanook.com/	1970-01-20 09:47:13	Name: _cb_svref Value: null
.adsrvr.org/	1970-01-20 18:32:47	Name: TDID Value: f91d4e2a-9548-4c26-a952-3061050615ad
.openx.net/	1970-01-20 10:08:47	Name: univ_id Value: 537072971\|f91d4e2a-9548-4c26-a952-3061050615ad\|1676831421111141
.ladsp.com/	1970-01-20 09:47:15	Name: cr Value: 1
.ladsp.com/	1970-01-20 19:23:11	Name: smn_uid Value: MIjWG3TMg5PvZ37PspO7EQ9Z7TyzKE4
.ladsp.com/	1970-01-20 19:23:11	Name: lum Value: CJ7mw9fmMBIFCAMQ0AU
.casalemedia.com/	1970-01-20 18:32:47	Name: CMID Value: Y-JqvVmfHdKvpbEbBRMNQAAA
.casalemedia.com/	1970-01-20 11:56:47	Name: CMPS Value: 5311
.casalemedia.com/	1970-01-20 11:56:47	Name: CMPRO Value: 5311
.pubmatic.com/	1970-01-20 18:32:47	Name: KADUSERCOOKIE Value: 85D19C09-7095-475E-95C8-9F29F99AFE82
.turn.com/	1970-01-20 14:06:23	Name: uid Value: 7626325209235729978
.socdm.com/	1970-01-20 19:23:11	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjc2ODMxNDIxfQ
.ambientdsp.com/	1970-01-20 09:48:37	Name: _aGeoIp Value: SG-Singapore
.ambientdsp.com/	1970-01-20 19:23:11	Name: _aUID Value: z0mrtbvuj81
ads.playground.xyz/	1970-01-20 09:56:11	Name: connect.sid Value: s%3AOooqwhtPvvpexJgqW6gMPiqg7vmdIyJs.TVFCYpVY3eZlIGOGzXfWTxPMob3f%2Bdk%2BTy35eepU7CQ
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_1290 Value: 23368-z0mrtbvuj81
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_377 Value: 6810-f91d4e2a-9548-4c26-a952-3061050615ad&KRTB&22918-f91d4e2a-9548-4c26-a952-3061050615ad&KRTB&23031-f91d4e2a-9548-4c26-a952-3061050615ad
.sanook.com/	1970-01-20 19:08:47	Name: __gads Value: ID=c2e0d5f2d7a4b4ce:T=1676831420:S=ALNI_MaOWetUvtCK1BdIIekhyMzp_ZtsnA
.sanook.com/	1970-01-20 19:08:47	Name: __gpi Value: UID=00000bc64d7b8629:T=1676831420:RT=1676831420:S=ALNI_Mbq60WvHP_6QowoJUHNzr3lNtEtbA
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_80 Value: 16514-CAESEBaZKZxjRcyEC2ipp2ndnUg&KRTB&22987-CAESEBaZKZxjRcyEC2ipp2ndnUg&KRTB&23025-CAESEBaZKZxjRcyEC2ipp2ndnUg&KRTB&23386-CAESEBaZKZxjRcyEC2ipp2ndnUg
.quantserve.com/	1970-01-20 19:17:25	Name: mc Value: 63f26abd-6d47d-696b7-e93bc
.adform.net/	1970-01-20 10:27:30	Name: C Value: 1
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_153 Value: 1923-LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF&KRTB&19420-LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF&KRTB&22979-LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF&KRTB&23403-LsVbly6XX8E1wFmRL5IQkyHAX5I1kwSWepVi1zeF
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_22 Value: 14911-7626325209235729978&KRTB&23150-7626325209235729978
.w55c.net/	1970-01-20 19:14:33	Name: wfivefivec Value: BkkwXAyr1PtOs55
.adform.net/	1970-01-20 11:13:35	Name: uid Value: 6146079985838723153
.rubiconproject.com/	1970-01-20 18:32:47	Name: khaos Value: LEBQ4TFN-V-CH0S
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_27 Value: 16735-uid:028d63f2-6abd-4300-8a87-36805cc62154&KRTB&16736-uid:028d63f2-6abd-4300-8a87-36805cc62154&KRTB&23019-uid:028d63f2-6abd-4300-8a87-36805cc62154&KRTB&23114-uid:028d63f2-6abd-4300-8a87-36805cc62154
.demdex.net/	1970-01-20 14:06:23	Name: demdex Value: 17283816147005802293407770577786903286
.w55c.net/	1970-01-20 10:30:23	Name: matchcasale Value: 5
.mathtag.com/	1970-01-20 19:13:06	Name: uuid Value: bfff63f2-6abd-4100-a7ca-a4b3189e2292
.dpm.demdex.net/	1970-01-20 14:06:23	Name: dpm Value: 17283816147005802293407770577786903286
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_391 Value: 22924-6146079985838723153&KRTB&23263-6146079985838723153
.everesttech.net/	1970-01-20 18:32:47	Name: everest_g_v2 Value: g_surferid~Y-JqvQAGoQzDdQBh
.c.appier.net/	1970-01-20 18:32:47	Name: _auid Value: KmfVv85WA2yHneP0vWryYw
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_904 Value: 16787-KmfVv85WA2yHneP0vWryYw
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_57 Value: 22776-5043346485621275506&KRTB&23339-5043346485621275506
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_32 Value: 11175-AAALmhfd_BEgeAMVz09HAAAAAAA&KRTB&22713-AAALmhfd_BEgeAMVz09HAAAAAAA&KRTB&22715-AAALmhfd_BEgeAMVz09HAAAAAAA
.simpli.fi/	1970-01-20 18:34:13	Name: suid Value: A04CF4C630214E7CB0E94D2E6C11D176
.bidswitch.net/	1970-01-20 18:32:47	Name: c Value: 1676831421
.bidswitch.net/	1970-01-20 18:32:47	Name: tuuid Value: 91f5f182-b782-4407-985c-6593dbbf178e
.rlcdn.com/	1970-01-20 11:13:35	Name: pxrc Value: CL3VyZ8GEgUI6AcQABIFCOhHEAA=
.openx.net/	1970-01-20 10:08:47	Name: pd Value: v2\|1676831420.1\|lYvOiajEiuhI.vysnuIjIvGlQkqkalUvH
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_148 Value: 19421-uid:A04CF4C630214E7CB0E94D2E6C11D176
.w55c.net/	1970-01-20 10:30:23	Name: matchopenx Value: 5
.bidswitch.net/	1970-01-20 18:32:47	Name: tuuid_lu Value: 1676831422
.adnxs.com/	1970-01-20 11:56:47	Name: uuid2 Value: 5043346485621275506
.blismedia.com/	1970-01-20 18:32:51	Name: b Value: 63F26ABE01D31B9170F4D43BBLIS
.admixer.net/	1970-01-20 11:56:47	Name: am-uid Value: 9543b93a204846a298066eac39268a26
.semasio.net/	1970-01-20 18:32:47	Name: SEUNCY Value: 982A830EA7560F42
.analytics.yahoo.com/	1970-01-20 18:32:47	Name: IDSYNC Value: "18z8~2a36:195y~2a36"
.zemanta.com/	1970-01-20 18:32:47	Name: zuid Value: H6VOlLhaYJCzbjUSGpHA
.pippio.com/	1970-01-20 18:32:47	Name: did Value: WpevAXgWYkujBf4g
.pippio.com/	1970-01-20 18:32:47	Name: didts Value: 1676831422
.pippio.com/	1970-01-20 11:13:35	Name: nnls Value:
.tremorhub.com/	1970-01-20 19:23:11	Name: tv_UISTB Value: <taboolaUserId>
.tremorhub.com/	1970-01-20 18:33:08	Name: tvid Value: 5bf7b829b02942ae9d716a9703c85849
.tremorhub.com/	1970-01-20 09:54:23	Name: tvssa Value: 1676831422348
.linkedin.com/	1970-01-20 18:32:47	Name: bcookie Value: "v=2&bcfc9fb9-42b8-46a8-8c95-7b4a9f95385d"
.linkedin.com/	1970-01-20 09:48:37	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2497:u=1:x=1:i=1676831422:t=1676917822:v=2:sig=AQEwfN-tESoKk2JhZHWaHOtNr-MN7TkT"
sync.srv.stackadapt.com/	1970-01-20 18:32:47	Name: sa-user-id Value: s%3A0-19196a4d-9577-40bc-6f73-f15b41524fd2.hCzmBByxioBUEERS771ss8Rh9YIk5FvAfKsNnqXB2dg
.srv.stackadapt.com/	1970-01-20 18:32:47	Name: sa-user-id-v2 Value: s%3AGRlqTZV3QLxvc_FbQVJP0mf-mdI.hASaNM3yDwPDtoD%2FAriXgq8FZtnkLrMjfOrn22Jre%2Bc
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_860 Value: 16335-GRlqTZV3QLxvc_FbQVJP0mf-mdI&KRTB&23334-GRlqTZV3QLxvc_FbQVJP0mf-mdI&KRTB&23417-GRlqTZV3QLxvc_FbQVJP0mf-mdI&KRTB&23426-GRlqTZV3QLxvc_FbQVJP0mf-mdI
.r-ad.ne.jp/	1970-01-20 14:06:23	Name: r_ad_token Value: 531IUM00aBDAY008jXiz
.amazon-adsystem.com/	1970-01-20 19:23:11	Name: ad-privacy Value: 0
.quantserve.com/	1970-01-20 11:56:47	Name: d Value: ENoBDgGqKIEO-TA
www.sanook.com/	1970-01-20 09:47:15	Name: _lr_retry_request Value: true
www.sanook.com/	1970-01-20 10:30:23	Name: _lr_env_src_ats Value: false
.pippio.com/	1970-01-20 11:13:35	Name: pxrc Value: CL7VyZ8GEgQIAhAAEgYI7OsBEAA=
.bluekai.com/	1970-01-20 14:07:49	Name: bku Value: ikG99n83XZBwCyXi
.bluekai.com/	1970-01-20 14:07:49	Name: bkpa Value: KJyWy1rm3M9R9mY7bPk3d1Fkq1hWvUdnoEHmQP8tQYx0GZ1Wadg6XttUSHtlxc4hdbdoFO5H3Iq06gAXI4xdMKRwz4Mlc1dEzl2jNX5Yb/W9WLOI+fpFyIRplggftZtslhLO4YlMzl74OynRpbdhtA6WzmMZrKIsvyWAa1IWLrG//Q+RnEvg/X23NHGB9DDonKKrgYDSU+9u8U5MAgJZPVC68vCVgSAMHbL0N//cuP0CjiOpZlo+ET8ZWiNUwQXg+eppoDr2+3KxGzG+EtQu32Sq/+OhCj3OwogYYIB3kAZDEUmi/w1ViySWm3joXMz93PBPy9==
.crwdcntrl.net/	1970-01-20 16:15:58	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 16:15:58	Name: _cc_id Value: 4b8df289b71a0f63c34498572794a339
.crwdcntrl.net/	1970-01-20 16:15:59	Name: _cc_cc Value: "ACZ4XmNQMEmySEkzsrBMMjdMNEgzM042NjGxtDA1NzK3NEk0NrZkAILkT1n7QDQUAABOXAq0"
.crwdcntrl.net/	1970-01-20 16:15:59	Name: _cc_aud Value: "ABR4XmNgYGBI%2FpS1D0hBAQAe6AJ%2B"
.linksynergy.com/	1970-01-20 18:32:47	Name: rmuid Value: bf9a9717-121f-4aaf-8527-d436dcf95caf
.linksynergy.com/	1970-01-20 18:32:47	Name: icts Value: 2023-02-19T18:30:22Z
.socdm.com/	1970-01-20 19:23:11	Name: SOC Value: Y-JqvsCo8YoAAHHtC.4AAAAA
.flashtalking.com/	1970-01-20 19:23:11	Name: flashtalkingad1 Value: "GUID=5528C910683BC7"
.sanook.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1677436222810
.sanook.com/	1970-01-20 16:15:59	Name: _cc_id Value: 4b8df289b71a0f63c34498572794a339
.sanook.com/	1969-12-31 23:59:59	Name: panoramaId Value: 0a1454e7183926fa8576f4dc4b0616d539388b205627b0d7ac4b6f8e4518b1b0
www.sanook.com/	1970-01-20 11:13:35	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%22f91d4e2a-9548-4c26-a952-3061050615ad%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-01-19T18%3A30%3A22%22%7D
.adingo.jp/	1970-01-20 10:30:23	Name: ID Value: 886fc0491b835b5d9f41c1867434a979
.sanook.com/	1970-01-20 19:08:47	Name: cto_bundle Value: yP1-aV9MclhPaVQxeWpGbVNRY05UOGhzVGZxNUxUJTJCeCUyQkhYeXVrRU5CWFNWJTJCakk1UUwlMkZJVjVPYmFPSjNTVnlpMSUyQk9zckslMkYlMkI1ZjFHWHZ5Q3RpNGdIM3RSalRqQ0ZCZEt4M0xhUUslMkJiMnh3SFUzZEdLOW9uc0FOciUyRllYN1VTUFhianNLZEVkZ28lMkZUbVp4Z3oyR3ZCR0dmczJDUSUzRCUzRA
.sanook.com/	1970-01-20 19:08:47	Name: cto_bidid Value: drnWbl9sZWNUNm5QVzdESTlDMnZMYU96YU1ZQTVjazNoNmxRcE1PaTdqJTJGNTFnMmMlMkZ5YU5aUWhLZUFFbHRyWEVuS2tHOHR3RFVKOEhSWkxiSmZ6VUk4R0xrZERCQUZwVzZSeDFuUUs4TDZ6YmV5R1klM0Q
.3lift.com/	1970-01-20 11:56:47	Name: tluid Value: 3825567947613718052542
.mathtag.com/	1970-01-20 10:30:23	Name: mt_mop Value: 4:1676831423
.everesttech.net/	1970-01-20 18:32:47	Name: ev_sync_enc Value: MjAyMzAyMTk_Mzo6MzA
.smartadserver.com/	1970-01-20 19:14:33	Name: pid Value: 6566384046814590551
.smartadserver.com/	1970-01-20 19:14:33	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 18:32:47	Name: csync Value: 107:e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c
.rlcdn.com/	1970-01-20 18:32:47	Name: rlas3 Value: z0sP6Rr4BY263Y/aFq6HSsGRY41pikFH/MUPo33AE0U=
.ad-m.asia/	1970-01-20 19:23:11	Name: uid Value: zJHrMGELuU
.postrelease.com/	1970-01-20 18:32:47	Name: visitor Value: 85683fdd-0910-4971-8e97-b861e09d4b18
.postrelease.com/	1970-01-20 18:32:47	Name: status Value: 0
.lijit.com/	1970-01-20 18:32:47	Name: ljt_reader Value: GLx2EQZHFKM95ttoRleuXDUb
.amazon-adsystem.com/	1970-01-20 15:09:45	Name: ad-id Value: AyLgChhgh09khaYKaznheNI
.yandex.ru/	1970-01-20 19:23:11	Name: yuidss Value: 7033557871676831423
.yandex.ru/	1970-01-20 19:23:11	Name: yandexuid Value: 7033557871676831423
pool.admedo.com/	1970-01-20 18:32:47	Name: tuuid Value: 04967bed-3a89-420a-be7e-ffbb132ccadf
pool.admedo.com/	1970-01-20 18:32:47	Name: c Value: 1676831423
pool.admedo.com/	1970-01-20 18:32:47	Name: tuuid_lu Value: 1676831423
.mediago.io/	1970-01-20 18:32:47	Name: __mguid_ Value: 23cad0a1f571502cb566d5409449a8c0
.dap.fw-ad.jp/	1970-01-20 19:23:11	Name: user Value: 43337b10-26c0-3a4a-991a-99a3469dd932
.dap.fw-ad.jp/	1970-01-20 10:07:21	Name: gcm_usec Value: 1676831423484000
.lijit.com/	1970-01-20 18:32:47	Name: _ljtrtb_42 Value: e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_466 Value: 16530-91f5f182-b782-4407-985c-6593dbbf178e
.sanook.com/	1970-01-20 18:32:47	Name: FCNEC Value: %5B%5B%22AKsRol9yZ-JdSAL5yKmKJLa6cJ24bMRWKSk04TkUujjKBHmuBEfl3nYEnX3ikR5lUJnIPtNf0wp6_wnMVPFWxrCTAudfLODIKcNkLc3NdOUp524zAe-Jm3QwAA8jeCqFepMQtD20H6gjUrYjUey289IECnaFDi4iMA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.omnitagjs.com/	1970-01-20 10:30:23	Name: ayl_visitor Value: f869a6660b62181a56b1c5bc7891316d
.pubmatic.com/	1970-01-20 11:56:47	Name: PUBMDCID Value: 4
.pubmatic.com/	1970-01-20 11:56:47	Name: pp Value: 161944
.pubmatic.com/	1970-01-20 11:56:47	Name: DPSync3 Value: 1677974400%3A197_226_201_245%7C1677369600%3A248_164
.pubmatic.com/	1970-01-20 11:56:47	Name: SyncRTB3 Value: 1677974400%3A233_8_247_71_231_3_238_7_165_13_220_254_179_214_99_54_56_234_21_22_176_204_107_96_5_209%7C1677369600%3A223_15_2%7C1678060800%3A35%7C1677628800%3A63%7C1681948800%3A69
.contextweb.com/	1970-01-20 18:25:35	Name: V Value: zCJpd3vmjxH7
.contextweb.com/	1970-01-20 18:32:47	Name: pb_rtb_ev Value: 3-1j11\|5Ql.0.e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 43c420373d2e56aa
.w55c.net/	1970-01-20 10:30:23	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_107 Value: 1471-uid:BkkwXAyr1PtOs55&KRTB&23421-uid:BkkwXAyr1PtOs55&KRTB&23457-uid:BkkwXAyr1PtOs55
.pubmatic.com/	1970-01-20 10:30:23	Name: PugT Value: 1676831424
.gammaplatform.com/	1970-01-20 09:48:37	Name: _aGeoIp Value: AU\|Perth
.gammaplatform.com/	1970-01-20 19:23:11	Name: _aUID Value: 1dc34205bjy0
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_1310 Value: 23431-1dc34205bjy0&KRTB&23446-1dc34205bjy0
.mfadsrvr.com/	1970-01-20 19:23:11	Name: tuuid Value: 4486edcc-f9c8-41c6-a12b-0b9ea78122ca
.mfadsrvr.com/	1970-01-20 19:23:11	Name: c Value: 1676831424
.ctnsnet.com/	1970-01-20 18:32:47	Name: cid_43281262af9e4dacbcc0d6cd1dfc3741 Value: 1
.ctnsnet.com/	1970-01-20 18:32:47	Name: cid_5a9ac126acb440769e42e8f6e3012707 Value: 1
.1rx.io/	1970-01-20 18:32:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_1159 Value: 23138-43281262af9e4dacbcc0d6cd1dfc3741&KRTB&23328-43281262af9e4dacbcc0d6cd1dfc3741&KRTB&23427-43281262af9e4dacbcc0d6cd1dfc3741&KRTB&23445-43281262af9e4dacbcc0d6cd1dfc3741
.tapad.com/	1970-01-20 11:13:35	Name: TapAd_TS Value: 1676831424326
.tapad.com/	1970-01-20 11:13:35	Name: TapAd_DID Value: fc27f817-c102-45be-a4a9-946d92ae0cbe
.targeting.unrulymedia.com/	1970-01-20 18:32:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004%22%7D
.csync.loopme.me/	1970-01-20 11:55:21	Name: viewer_token Value: 8bfcbc5c-8467-4ff8-8b45-a876240d997d
.pubmatic.com/	1970-01-20 10:30:23	Name: KRTBCOOKIE_594 Value: 17105-RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004&KRTB&17107-RX-0da3ebde-8a55-4432-a15e-90d171b0f3cf-004
.adx.opera.com/	1970-01-20 18:32:47	Name: UID Value: OPUb67fcf7a77674f89829e4e17d4673891
.tribalfusion.com/	1970-01-20 11:56:47	Name: ANON_ID Value: annseFoZdUQdR2Hp9vcgcnfhj6jAZdtiLlwCxbAx8DGujGZaL0tZbcGVVqpZb5tlZcYstnwNuSQd0KdJN9nA1kjYZd8
.admatrix.jp/	1970-01-20 19:23:11	Name: uid Value: e8a68940-5f68-4b4e-bc1f-44b597c5a0ba
.pubmatic.com/	1970-01-20 10:30:23	Name: SPugT Value: 1676831427
.pubmatic.com/	1970-01-20 11:56:47	Name: chkChromeAb67Sec Value: 4
.adsrvr.org/	1970-01-20 18:32:47	Name: TDCPM Value: CAESFQoGY2FzYWxlEgsI0rOFw6ysyTsQBRIXCghwdWJtYXRpYxILCMjx6MKsrMk7EAUSFgoHcnViaWNvbhILCKaRjMusrMk7EAUSFAoFdGFwYWQSCwiE-s_6rKzJOxAFGAEgASgCMgsIhPLSp8OsyTsQBTgBWgV0YXBhZGAC
.ads.pubmatic.com/	1970-01-20 09:48:37	Name: pubsyncexp Value: 1676853027227
.mfadsrvr.com/	1970-01-20 19:23:11	Name: tuuid_lu Value: 1676831427
.mfadsrvr.com/	1970-01-20 19:23:11	Name: ssh Value: !taboola,1676831427
.tapad.com/	1970-01-20 11:13:35	Name: TapAd_3WAY_SYNCS Value: 1!1218
.id5-sync.com/	1970-01-20 11:56:47	Name: id5 Value: 125e4022-22f1-79c9-b607-682835db6660#1676831423684#3
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d1ec3328f1e1059b
.dotomi.com/	1970-01-20 09:47:11	Name: DotomiTest Value: 5d03055a0ddd20cd
.eyeota.net/	1970-01-20 18:32:47	Name: mako_uid Value: 1866af11093-ca6000001084fc7
.eyeota.net/	1970-01-20 09:47:12	Name: SERVERID Value: 20423~DM
.rubiconproject.com/	1970-01-20 18:32:47	Name: audit Value: 1\|WD0cx+9RTMLb/7LjCfaAlmHpDPrT40mPuNe9KgcK9NSN3jUK3kV1vqyaTpRMSBzH6pBQp/ydBsRc48YnZs8G7uBxGCOXoSK1Q5k2CwSgUtNfW8pPU411Fg==
.id5-sync.com/	1970-01-20 11:56:47	Name: 3pi Value: 464#1676831424044#-219795392#e4cf3f0e-bd77-425e-bf08-fa04f2579f2e-tuctaebf03c\|112#1676831429340#-975805495#982A830EA7560F42\|2#1676831427662#-1747562646#5043346485621275506\|3#1676831428066#201816633#bfff63f2-6abd-4100-a7ca-a4b3189e2292\|822#1676831428541#2133433931\|264#1676831424453#821056782#f91d4e2a-9548-4c26-a952-3061050615ad\|123#1676831428940#2005022872\|285#1676831429706#-191221284#LEBQ4TFN-V-CH0S
.id5-sync.com/	1970-01-20 09:47:11	Name: cf Value:
.id5-sync.com/	1970-01-20 09:47:11	Name: cip Value:
.id5-sync.com/	1970-01-20 09:47:11	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:47:11	Name: car Value:
.id5-sync.com/	1970-01-20 09:47:11	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:47:11	Name: callback Value:

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://ping.chartbeat.net/ping?h=sanook.com&p=%2Fhoroscope%2F73929%2F&u=Cn5MfxfS3_9dn7Km&d=sanook.com&g=59732&g0=horoscope&g1=kanittha&n=1&f=00001&c=0&x=0&m=0&y=25854&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929%2F&b=5611&t=DVWHerBnfX4ACTBWqjD1a6ImCWHn3d&V=139&i=%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%B3%2012%20%E0%B8%A3%E0%B8%B2%E0%B8%A8%E0%B8%B5%20%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AB%E0%B8%A1%E0%B8%B2%E0%B8%A2%E0%B8%82%E0%B8%AD%E0%B8%87%E0%B8%94%E0%B8%AD%E0%B8%81%E0%B9%84%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%87%E0%B8%84%E0%B8%A5%E0%B9%83%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2&tz=0&sn=1&sv=BUbEwqD5-G-0CkbA1CCF8i7oDGNP-B&sd=1&im=067b2fff&_ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://cs.nex8.net/cs/openx Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://ipds.adrta.com/i?__x=GEHFIJKFGKHCJHEBHAIGMLKILILNMLMMLKHJM@FNNKOKGJGGHMEBQGKLLLHFMKFFEHJPNHCGLLKPJFKJHFKECHIMJIMHJJKNJNKFFEPH@HNMLMHIKGIHLF@ECG@G&clid=opx&paid=sc&avid=537148859&caid=537350102&publisherId=540353017&plid=543894115&siteId=540353046&kv1=300x250&kv2=https%3A%2F%2Fwww.sanook.com%2Fhoroscope%2F73929&kv4=&kv5=1676831421&kv11=aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15&lineItemId=543894114&kv15=sg&kv55=1.0,1!google.com,pub-6167238712729032,1,,,!openx.com,540353017,1,aa10bc0c-d5ef-4a5c-9e32-63ccd44b4d15,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv63=&kv9=&kv13=&kv3=&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.100+Safari%2F537.36&kv7=41369f8c-6fd8-4c86-b8bb-fad81774416e&kv14=&kv16=1.28795&kv17=103.85178&kv12=540353047&kv18=&kv19=&kv23=&kv24=Desktop_Display&cb=558018#opx' because its MIME type ('image/gif') is not executable.
javascript	error	URL: https://www.sanook.com/horoscope/73929/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEHcCQoEHhPfFMS91I1y4bgg&google_cver=1&google_push=Aa02lx88KS6E19S4Mub9p19VPr3r4W4BcGwfGBW8zyoVZ5xvlW5Xex17gjuobj8LiFGmrE8ffH8eLPqo07S0RzsIms_72R3NT45eTYIeFQcqhJe2e2lhXITtQxmjorZZ5y1sV3zd8Zy7EQ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
worker	error	URL: blob:https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/d8cb04c5-382a-43b9-8e8d-c415bc431b37 Message: Mixed Content: The page at 'blob:https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/d8cb04c5-382a-43b9-8e8d-c415bc431b37' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/d8cb04c5-382a-43b9-8e8d-c415bc431b37 Message: Mixed Content: The page at 'blob:https://980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com/d8cb04c5-382a-43b9-8e8d-c415bc431b37' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

088c9d8089bfb08149a26301c057cbad.safeframe.googlesyndication.com
2fe8f18f6d8c0438d666e4c74eb2c13f.safeframe.googlesyndication.com
91bfa6d7aec15f88fefe77f96395c2d3.safeframe.googlesyndication.com
980f4f4d67287649793d18d60622bf76.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adrta.com
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.com.sg
ajax.googleapis.com
an.yandex.ru
analytics.google.com
api.rlcdn.com
app.cauly.co.kr
appx.sanook.com
as.innity.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
b529ab4d658c81408dbb508f94e32303.safeframe.googlesyndication.com
bam.nr-data.net
beacon-sin1.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
bk.r-ad.ne.jp
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.aralego.net
cdn.flashtalking.com
cdn.id5-sync.com
cdn.indexww.com
cdn.izooto.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
ced.sascdn.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
core.iprom.net
cr-p3.ladsp.com
cs.nex8.net
csm.as.criteo.net
csync.loopme.me
d.adroll.com
dis.criteo.com
displayf-tm.everesttech.net
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
e5c89f2232552ea4822b61e4e2449130.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
gg.gg
global.cloud.netacuity.com
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
graph.facebook.com
graph.sanook.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img-as.fsanook.com
imprsgmp.taboola.com
inmobi-match.dotomi.com
inv-nets.admixer.net
ipac.ctnsnet.com
ipds.adrta.com
jadserve.postrelease.com
jp-u.openx.net
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lvs2.truehits.in.th
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.taboola.com
mug.criteo.com
p.adlooxtracking.com
p3.isanook.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playtime.tubemogul.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg8.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtb-lb-event-adcloud-prod-ap-southeast-1-tm.everesttech.net
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rtd-tm.everesttech.net
s.acexedge.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
sg-match.taboola.com
sg-trc-events.taboola.com
sg-vid-events.taboola.com
sg-wf.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
smarttag.rubiconproject.com
ssbsync.smartadserver.com
sshowads.pubmatic.com
ssum-sec.casalemedia.com
st.pubmatic.com
stags.bluekai.com
static.chartbeat.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
statsf-tm.everesttech.net
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.pubmatic.com
taboola-d.openx.net
taboola-supply-partners.tremorhub.com
tags.rd.linksynergy.com
tencentth-d.openx.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
api.rlcdn.com
cs.nex8.net
pagead2.googlesyndication.com
103.229.206.240
103.231.98.191
103.231.98.193
103.231.98.194
103.231.98.201
103.231.98.211
104.18.10.47
104.18.24.185
104.18.25.185
104.254.148.252
104.254.150.241
104.65.228.195
104.65.228.208
104.69.96.220
104.70.97.166
104.83.196.48
104.83.197.63
107.178.254.65
107.21.165.221
117.18.232.64
119.81.192.134
119.81.192.141
119.9.108.191
122.248.197.40
124.146.215.49
13.114.251.65
13.115.197.76
13.215.77.187
13.227.255.65
13.250.173.68
13.250.189.113
13.33.88.20
13.33.88.81
133.186.161.89
139.162.58.205
139.5.84.243
141.226.229.48
141.226.230.50
145.40.73.5
151.101.1.44
151.101.130.49
151.101.2.137
151.101.65.44
162.19.138.117
162.19.138.120
162.247.241.14
18.136.246.100
18.138.18.111
18.139.23.58
18.141.80.142
18.177.11.95
18.192.149.135
182.161.73.132
182.161.73.136
182.161.73.146
184.31.5.52
185.84.60.21
195.5.165.20
2001:4860:4802:34::181
2001:4de0:ac18::1:a:1a
2001:df2:a300:bbbb::135
203.151.130.24
203.151.130.72
203.154.58.214
209.191.163.210
209.58.168.56
209.58.171.197
220.150.223.50
220.150.223.52
23.106.127.48
23.106.127.52
23.108.103.8
23.73.13.201
2404:6800:4003:c00::66
2404:6800:4003:c01::84
2404:6800:4003:c03::64
2404:6800:4003:c03::9a
2404:6800:4003:c03::9c
2404:6800:4003:c04::5e
2404:6800:4003:c04::5f
2404:6800:4003:c04::9d
2404:6800:4003:c05::95
2404:6800:4003:c06::9a
2404:6800:4003:c0f::61
2404:6800:4003:c11::63
2404:6800:4003:c11::71
2404:6800:4003:c11::84
2404:6800:4003:c11::9c
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::15
2406:2600:7:100::9
2406:2600:7:100::f
2406:da18:22e:4f04:558a:3fb0:baff:a5ce
2406:da18:929:5a00:7360:21f2:1e24:ce6
2600:1f18:612b:4216:59f0:7d1c:f2a3:a394
2600:9000:20c7:2a00:18:1fcd:351:7bc1
2602:803:c006:158::65
2602:803:c006:158::67
2606:4700:10::6816:3456
2606:4700:20::681a:567
2606:4700::6812:19ad
2606:4700::6812:d841
2620:116:800e:21:36b5:1576:d999:6e52
2620:1ec:21::14
2a02:6b8::90
2a02:fa8:c411:13::1400
2a03:2880:f00c:20d:face:b00c:0:2
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
2a04:4e42:600::714
3.0.71.181
3.1.14.27
3.33.220.150
34.102.253.54
34.107.231.31
34.111.113.62
34.198.29.55
34.83.125.63
34.96.105.8
34.98.64.218
34.98.67.3
35.160.42.230
35.186.193.173
35.190.60.146
35.208.249.213
35.213.12.39
35.214.223.115
35.227.252.103
43.132.80.28
43.132.80.30
43.132.81.184
52.18.67.241
52.220.229.2
52.220.69.171
52.223.2.229
52.43.45.49
52.46.143.56
52.74.162.2
54.152.101.92
54.178.154.165
54.193.114.85
54.239.38.253
54.250.155.12
61.91.93.41
61.91.94.165
64.74.236.127
67.199.150.81
67.199.150.85
69.173.158.64
72.247.81.120
74.125.200.155
74.125.24.156
74.214.196.131
77.245.57.78
8.18.47.7
82.145.213.8
91.215.42.31
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
01ce8cbb4eda125c7cc74d699954a6b3d5e43dd0b227029e5295bc0d96629284
02d87655ea57925a407344fb207920270b0f67db739fee52288dcf19c5cd23f6
0358db7a8fa7db919507565f0e808ab572d7b59c66296acb07f82c97c7d93692
03f954ef72361bc3428332f072bc02300b970823ece1209773c51e9519bfcd90
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0470667a7ed60691fbf924df3f6ba944332937b2d23f27ac6fa7b77c2ec865ff
04739cdd0a9f88f3ceac9851166b8376d4d10cc38cff7f92edc30d5e298d11b1
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
07e976be75f87daa3b959f50111e9394e8dd1e1f68e141ea53d13adfabd130dc
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08452ae3ac895cb24703e1afb7884b00fc7b4fb56e64b76e5167354db9ca1c7e
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0b5dff4b141c129dd3e791144653a3d8b4142a038567a1374e828b3a115b55
0a44693ae6bd63fbc4ba3c4deeae171040ddb8cca0ef655892d5c11d24a675d7
0a55a803103fd73c135ad66d1a8b9aa2a7a7bb0054618b70a9c0d46c87a59371
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0db4633895b56c7c361718436ac80e9b38e2ff0da967b7a6a8f2c74751f149de
0ef9ec8bde35370d422e519ae19e2df882506ed0985e1ff3cd2574c2066bdfb0
0efc2b3150feea54abc6285d834aaea36661ffd5acb56047656748c731d12330
10b7f660bbe70fc660e99f219bfd972dafc4837c50260a04c0ec63f7a7c2cead
10fa4ef7714aa7fa40714aece4fbbe24cfcc4eddad02a56e1bcb0e6fe5434cb2
10fb9113c1829bedb5df310a91cf3ccc9f275ef13392b1bd8dd197b7f624e5b6
11c0f659526b852a7eb6155d27afaef8dfabb60764e158953c8f917ceed19d96
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a
13e6896962e02b5d34f51768df79aca99d7ec1d5b2eb207c062d134e48aeb5c0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1612a879ca34514e60d3dd2907b0582e6b139018aa6cad45482c9e1beb2135ab
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1891fac9ad0b1a9d538bfed0acc4fb8b483635e8247d0744032cf28d6a9aa0a1
189d9dc549211186136046f98718fb75051caf74b32c5e62dc67980c9d89b4f6
18dcc0e1504fe97b177554e5080ea86df69774d405f5c7994f142f1a74a8f953
1a337b2b047957359483acea9143354db8c1f5957908e136b5001164d6e64745
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8
1c4ab2f8971959b6a8e4375092eacd41007a97c2078e14af4dd43fdfea43bb6a
1c7b2b071ffb59246cd3b2a050b24cc459b7d01c2c83b180ad093180b1851aef
1d4741173727b0a0c3f7c0f8c1bdcf41c9a464fd8df56efaddcbcdfdc1888c3b
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1facc3d40357e818e67129066b712dae6c2c47b765a9fa3f67d16c1cc92d087f
2026892d7720bb0312201ce3674e3f0ae8db34ffadbb9ba7fb79f2e80b224a60
2063660c3bdeb370acfcd6445e0b0b07d6d2fbb4b60059ff967d30584a1ab416
20768f3534a18f932b42dd132cc3964b3fb5ca731579d59c9e87743f25f3fb00
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
21383a108fc0f4840b90610def8622f8af1fde2c2833693d61a1f91c075d25d1
21cf0fc941f56960daa4ba1abe3ad6c449649093bf623eeeaed24a070a6be0a3
21e827dad3ba1d40f6c62e3248591156da5e2348b3ac2b76d4265bd170ae9b06
22564e0fa1b0fc2778a05d1e934e9cbcfd8473f02d3c4fc0f8cac7e23efa2689
2267c122ec0dda33597b1c2b0507c64b8bdba8400ed9e3f47de4d1f436d83f9a
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
233152a1e30eba48f0ac0db543a04fdb61987557b8823d1f9ba17964ddfd2f55
24d2592b0e3121f5f676ac23fe31ad6e87f6d83fb626b3bfdc38a8ed090c5519
24e07eeda9fce57902ce4ba87e103e6848fba1b986413a82d871638a9dc105ca
24e309353fec1a233b60b0811836643bf3c0b01a28b34fdeed6971d6002dc45d
276e615f4ab2d52f232682d35351ab5f646ba23248a607f60a36c4e524e3e758
27bc7c9ca5cd564a5ff5b6099e48c8b40b872003f6ca8cb96384e33cf4d52f57
2b131ed7e246611a50c48183544cc5a19cc0195509705deafb1f050ee2c511b0
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2cff8f6c3aa789bda0791bbfe369f5e33f8749a9c9c5e9e4ff8983b1f0c75e0d
2d2d82139509245ce71581a4109da21a8e531ec4744b6a0d53f5fbef9e5a8506
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8f7ce6b4e1bbb0e625922f6330a20a30903b2686ad82ddf1249d4d3fa7c5e3
2e90a3c458995342dc35ed1c4261d0f9e306bd04892bbc82193dc19df84c73f3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d4e55873fe47cf364cdf7a03c2f92387058ff27ec64db046985867e0ff6bae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33e528cf2cce84cc35039304d9f7f696b4e0fee36d1af02cd6c807ad374bd6e6
347a1a93f15f2e4e49ec4956179590048c292cab68669b230759e5652eaefd65
35184363334ac44aff466024f0ea5d7a06a28b4566361405d8ee03fb78413297
3597c884e88c2de6efbaec90b28f7ccdf00681ddbc783a29dc2185f1ec69a45f
35c2e86080f34acbea6b6ffe32cca41ee24ef346572aa55eabffbb765f7310b0
3609f7ec58d2e4536a4287ccacfd71b0f1785da88eaa76a1606ff921c9a9067f
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
381822fef2cfae9151c7834c38cc710ae813fa64e4f3b43b43452a43faa47bf7
38d54b888c609e6c52478eea7f1d19d9040939c76663c321122181c6d24e1334
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39a863d8abfa9a15aec20c32ff0b13dac70f1692ccd2e85ef42870f1b9caa6ad
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39c47a0e7a392df4b06d956a78178d60c9ab7759caf41871ed7cf52b29408954
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
3ba37953a5ee287f10daa482b87c572f10c660aeaea838751f0e7f243a09c32b
3bf480e30420852b67b66a7d9e1aa2946aa059aec0829d559f7d32e5a2dda091
3c38adfddb21bad700dff798723485e0dd97531f915e6b48a978843faf5e5955
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dac891cba198eab73846f185555ac2c4901f19b416979787f811094fcc094ad
3de142295f7b674b9278f666a680137b174912558131cdabe389d362eb3cfdef
3df5ee1c45f692977823e588212e402244c7afdc6dd4771a3403266d5f77065a
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1efffc326249e312dabbdb8b31eb20d8a06f0dacb5fe3d7283eaf873543acc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408c77663aa3d164b65daff568bf452e2bdabdb3a4e6061287a34e6da75d3038
408d7c817bb914e45a637946c84034557c79acba44f7b0bb3d95d23a992859a2
40ede4e5232259d8060c3f57afbd7acc197f85ec15ed86e4cb0a9176b2351a7c
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
4213c280f101684d7de8a367cbc72ab06b1546a1b00b463844cea155fbb922cb
442a86c02c0a7801b86a0a994f4ff4240865e3c188d251a5d26ae48af4f73a07
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44ca2146f5e4ac14cbb7e71aefc11dc07792aa5302627fee0209b3ecdab18b25
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a72d958dc8510fa1df1510e7ab7c50420887875fc7b28a6662715df9330274
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ae41d760def3cc2d97d5b4840df6d8b6864b9ec8d9a51f9724b417ba273e476
4b73ba1653aaddc0c19e9729053ed92d6273c68705d70d145bf83080feee8deb
4d2f73f006923b6bed7fe6a9a3255c9ad1f90e6eeb982c5c4e8d7e2d573e6ea9
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e902c64b724e110bbb3a8840f46d79f8569949376c73edf7955dbf388159cc5
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50a78b64b7c35b574a343eb7b94f6d1d810cea7c22641814c53c4d852ffee2fa
5344afc6c83831275918591131fb80d4f1f89ace1ac721018e5aa4e67d5c106b
53783b3be1e8040a7c811a89f55330efcbd14e111a1b1c22ab519aa9015cba2d
53eb07d44eaf1490412e7850b7cb92822bd630e222e28c1990a7dc2c97ba4e2c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5605d45c980cba99b86e2bd10a3f9e3d91d8a440fa9d2c9be2c40b9d45671ed2
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
565acb0885aa05dba6505163a73d58c323496179a853d8d0f214879064e661c6
5750b096f6f5c1df1a3cd39efa01565d3740490a1cdea19f957989e5a604633d
57b375711eee7dc32c1eca072c8749ba0b352e7126c5ffe89b6deacb721451a1
57fb8ac588ddebf72e7d5326689b595098dae1a888b013ab37f8e193072963fd
586584fce91860659c552a878172d7154a8870fa373ee11544963d2a43a87157
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a543f1b1066a6d481d920a1761e0ad96618e07edbfa74a323a1e2fef5969e70
5c360f4a08727f0dbb9b0452830cb058ff02f8bd09d8e775bfc267655374e186
5c9e8e8d6d41e257703acdc0691c1590eec4bc7311ff08bfddd367ecd9a1a5df
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5dafe8b74bfd8567ceb1372730a1fbf9b6c585bfb52a64032f6a37a1df7a522c
5e5ed6e83c7b2b84cbe3ddc65f0fe13d3e786b452df2f0ee9cf9b0c2ffd71814
5e6978ffa2a85fbd655b559ddf78df5f0795f4a3d57563a875f5543e480e9485
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ed2d184a899fbf53e2614d503c6d422ad502aea145565dea1a74dca4be0043a
5f8b975add7259aaa3bbe52d844e1997b11d5038e09fe91dff7b3b8954091919
5fa4098b1bb9d1bb396d20e9b47bc2cc36577c777179698e6ceba8a88f21afb3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60c490cfa74d9ddec319406ec6575e666c410602935ebd9c5a6e628c8d8c40c9
60f0feb431d731ae0693a259de2ac562efb753085476ab9cf052e4f21fdf5069
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a535305d3b0ca376dd8225cc817b1e6709f346016a99a5aa85c48ca2f77482
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
652f7cf10ec34733417a2406ef4fbf7745d2b153cfa990f68a2a2cc61a4ed795
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b4ee410e7cc276b85b2549c35335ba435602bb6ed2854104cc3c1d576d0cff8
6c8ee7ca84b95afc26e66a6933136308ab2f52ff63cdcb91c98c4deb95256321
6d4c31288a6a3fcadc4680b9190df6745afb5635a43b8e1f25333676651e3d28
6f2750a2150694ab469f2851d0bf0176f7145e321473894093fe67f8e79b20ec
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
72dd06632b88b96b49f46bd011c7285f3b6fca05042a0d168f3d9ecdc78a1d77
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b
7533289d707ced7a9e63e2c4affb70de2faf9ac1dfd33e3e473148245192d8b3
754ce5f8019cf9b80ca86fb03803eb46d228e15255cd4543ee5d8505bf4d7be5
76ba7acc9e7363a9d83129acc1746cda8a71b0ae341666986ab3215fac413d1e
76e616ecb42e88feda75451083a89fb7ebd1db8e73296f1bb74f695f312cfb2e
77fdc4263cacab2dc7c349d8fe0724672f4f5a95d9384f2f717887ea60b9d4f7
7874f5de129953916f7fff8debfc15f90f17e8b8138e209c93368106cfb24a95
7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359
78991fc1ee9f793ef30130e2bd28b7cfae7bd511c50b0703cb76955a608d693b
7954a0d6f2c6dd81496228d5665194d0c0aa4c33e1516c79ba8db0b37b116f5b
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7a16f06ec002e931a8e686c66c114a24332fe9602818d2a43981e3ec8bbb7d8b
7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b692e56ac3161e2b290577aedba1f422f24b0e04fbddff61dd17beeb0dac694
7b9d9b6969f32648bc154740b6ab658af1963f7a1172cb3345c67026d981fb19
7c87f89709d7e67e66fea5de8c363a18c4a0825d5bf7fcb015cf462016295d0a
7c8a500abe4bd274463515765a2872a6fa10c74ebf4ab30ed8816b39d8c3c180
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cc9e4d7bf690d4abb6b728cd6367276378814fe2bc44482d4aeb044f4deacc4
7cea76adea490a4845fe50f4896a60e5d1c64f37a9fd09a2211f5ce4315d245a
7dd6ac2e88b857754a645dc3e7c10a7959bfe8b68dc5ea79faf918837c0b59da
820d36f381dc2449960e751ac386f096ea9bd4dd3215f6675d4220a810e9eb25
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f7e0e06a0d668dcdd507d0518cefb1774af7f67830c0d031c315733f9e6448
8401217f2ac37f85a2c5980f84dfe1ce2476a5ce0f3f8b83ae89aeb01d86603e
844138b7258929cc38154cb3a3e3797405bb74fe75ee6c60efcd525f8b87c144
848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87457a044837af6b1f22d2a2f9b699132ff59b05a0a772a374e65d1d04108d70
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
8841e8957a5b54d710ee54afcec3e673b02fd670026c611bfd7d98612652611d
88e3e3bfcf232e93c3de77cb2f644801a7e812b8b933ae6bdece0a5b031dba7d
8900d04b4f84822ca38d92f44fa002f2785552a4309eb3c5f5e9016cd2589de8
891bdf4a85f1f306b3ba38cb698ee5b8945f2d1f35ed7d716173cfd1b35b0edb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a730a3f145493f8a7e4d9f5647f52b90d10ae4c6cee8ff08de67e1ffa9201b3
8bb95a8801494a5ea278fd9da6f87ac41a0a049f6e041a52fd28a8f9db53aed7
8d4dd98d652d8b4973e1b457bb4cd55af1737ff072c8e3afd0c54ca5876c0c24
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f0f1c3b38b88e945a4bf8e671e62b7d058973c512aa3165223517ce54401b75
8f393acdbcd4082abb4597e279f54f83103d7da847dea56c62334a46a51f56a0
8f8559a1d533e1b9f28b7904b9328abf7defe554bb3cf4328d84e21ddf5764f2
8f927e1ab0c9f188532419562d5eb719ff968f6a8652afa7e3d8d3010c3df193
9022e99c009d556ab38c906996b36d4b0d0a1b61991e64e42d0643334bb17603
91ca25df885bd981eeae4ea03d889d85de8a71b58990610cf08e2ebd55b8c37a
920ae7f1ce70a2c0e6ea23b2a5a30f8051b62e22289a533b236be9c5383fd3ab
9324db5995b84b209ba882073357d90fe5032e3916197a5a43197dcca55e8af1
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a
96d18284e30220164e7ac592992880445021f902ef94a38b0bff74a5f0c76596
98a9c92c79c585f9aa0971143eca9630f409e7c115f4014ea1bb1c1bc1660d12
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9910d82cb4f5d596bd45b6e19bee79bf3768c95042ec2c99bb3a4ed98a928d9a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3343a334df6894a041aa15b28b84f4ec6cb819b1bdefc4df0e196438d3bc7d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5987d87fd43167885943b63a5707d7b51698e618cc1189be6475ea8ba745f6
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9cfba3f1b505c1cabb7f3b733bb18fb63db5d336f314f627d4d957e369096f7a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9da7ecafa40670fd96045ab42990e63dbb8a84ea7aa1ed63f8a09f295d2bade5
9ddfef8ddd8531058cfb4837f59d9c8d0321a730e0c87d9cd28a4c6871d5f125
9e06da0bcecb5c3543ff295850c81e14dc9e0b6e28cccf39dae72e88c2ae1a2d
9fcf8d1528612fbe887733a7d401ca84425e0f0b524fa07d543b277d1e66d9f7
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
a016eb6f574b9e648bf030da474ee0649ef6f217024c35f39a30def748f4a2b3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a127a62eefdb268967d2c4eedcd09e818c488a17a21ebcf7f738acfe0e791a4d
a2927d4b587bf91bf2a958f9273e01f9447b14a161dda71f961be4be21c77df8
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ff991688902b49d07031d108f1285257b726a571b3fd69df52422a8d49374a
a6cf4e0ef9fa396d78b13f35a328dfe602d8d93b92d61c13edff00f837afd7cb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7bc64bf10ff708e306570a1cb92f8c3eaa4a0458e9a140c9a0f7dd769d3809d
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
a95bc2614b01815f87f5f5e2683541415ca8c3bfda6c253c1faf83644e3580fa
a97b6c5e2fd5099738663d419af993ac433978a67d0b3ffddf59bff437517285
ab511f40d84d900b95239c8f9a48f32326bca3ab1ab47394a5ce76c24c708dff
aba5389a7446e54e1cbef6eee9b589562f26982a445f97ba69a65efa50480aa8
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aded8b65cd6f96b3662daa697247b4c164cb043c99fbedc7d69874a99a50b42c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26da83bfae94faf5326072ab9373afdee8a2afb2fe35f5ee645b4b2d9619c9b
b2c5b474a45aef937dac7768beacc1c6898c4135f22ba567132d8562ccb96e64
b31ca5de71479e01dac3f5ba462189317f03734a82d5ac5068e2f78caa33a15f
b6f5c53039a60be477dd6410d551398bcb7337a2c2e06f47aa96bdbfa32166bf
b838ce70a090231be8c745e32e5b6544bb0aa5c4e83ea15cf992feab33989be2
b8c669f1ff934a66471261b83c9c06111116973db894abc363854c56e0e88e27
b8fff16dd7907623fcd1ed926716f74c1594888a2bcc052913d573b2fd2c77dc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be3846ed86d18e557227eae2356cafef6fc485bd7968067467787afce5f146c7
bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210
c009b0e1fdc32543350a1c9dd28be68968440dbf001469114b2b304cb66f72c7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e8731a1418a0de46f0bdaaada73c7cc4ed300d9fb46b95397da9d33c1a15ae
c3b834527b9134e55b0ba420a6ab86e59e1272beda3c6c8560ebada1dec244f3
c4882d1aafea35209fa2183b618706925e7d79cb6eac7348b1b5acf167f56123
c63afc220153fc502af3f1edcb3c29d7c36b6ac56abe0da8c45ddbdc9cbb4066
c7e91ec737c4456ae82d47d50d3099d60105d58ddfe04c0001b9b13887d41d21
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
c930e982e1df867181400882fafaaacfa88923b1bb20349936216ba9294f2140
c94a6469b701781fcb34e796fb1cb12aca51d7d40e22b5bfb55ad6bb273722a0
c94bd531f06b9658113e281599f11f8a9f86b5d57e9ee63c31194eab589fae0e
ca80897c964cd5080f0aaae172241ddc5b2cb9cf3a1438bc521065c34c4e821b
cbbea5ddef89ab10c3ba4c56b378f820b7426c4da981721ad97f6d7638e0c2b1
cd7f5e8d44bed6cdf232412a427df5bd575bee2303af0ea1d428be11c186c6a1
ce4c2d124173f37e90066917f1bacbc6e11fab1f0ef759dd1503cf476fae7f55
d021a42429c9121303b4aa9316b84d89377992c1ba5c680eadb5b3e38989fe61
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1332394cd1921221d78e4e89e272736a07403b36e3358d01f4754ca28737469
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d2aa0d6ce76a1480cff99e6e5a7e9409fd809d016f86146aea4bbc5be1c8dc63
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e
d4319009811bfe48dfb54dcee2a2da5e4973c0e131200eb3436e86525c0f562f
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d867519ecff5bbdddff6680a475048d847ab38dc56ee334a5a94c1b492a9cb52
d8964649ea3ad14e6f1f15e1d05673ded9445c705a6b554cea25afaa91fb7558
d936d44b74732d426f6be47e3b79ee566ca73355e43fd030d8f565bfccad7a54
d9eb660415852a3102b64a2149b9da8904c86443292ef1022f728d3ad214481d
da3e41a40c61371c6c94accdf44aa7448a60acb11f15a2a8068a5b635863018c
db37826540f4a43e07558220928f1bcd1ba1529b2f11fc31e4e07438330c61ed
dbf0aeab458556ffd3de12cc855e0f49c208e191163e827a778143811b5416f9
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
ddbeb45f8afd9708a16744ef103d5d486617986fea04b210d2e0da5cff968eb1
e05706d9bacaf36035c95c8f8159ef0a891a01f9f89765bb0244c62e0f4dc3f7
e0cbadc6c3e259c9431960653f992baaaf4ddfd9ce21c4d35679c983004e7e06
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a
e204e1f437a4ed189d1d242d5a38f101aa086b88d2fd69b364ce63d5ab000dd1
e21bf7eb11457e1ec155cf0c13932b3459a916bc5e8356ebcf445eafd5a0f616
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e529b5d3ecaed65e938197f63b5173a1cac42559288d7999ded904947471f059
e554821ee82e6532021e972565b4485d95f356e725904a1c670919d29b3cb619
e72f630f425f32c68a81e0f45c8b53b09ed86032c5541552c04c13b26ac72452
e7ee4f41b39dfed3411ad9f0b8055fc197bc1256584ccb79590393a29de97793
e9008fe282850688d5c8544707e9d97ff6d737ee6791afc1d60448750a451b0a
e9320e8ccc04d221c1abd5476522618fc823a04c15029917e5c08b4ca4a01b1a
e95e27fe43272620b86647bc34a5e99608eac3cda2a6c8bf95221b11ee0a8b0c
eae494c4b634dceb18708c896df1ebfc4f00db5a436eca332fc032e73bb0d261
eb9ccd12e0acef3f2796d75171e2445b09c70f2ffcd88299d4c40cf7b6f3f02e
ebd38b46ba2abe46875d905e72aaf187c1c19e7f023de5b17c49c9962a597025
ebe2cf4886432bd56fbe032b59134af581181a41a31b99363370d0a966ea911e
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
ecc867644f6abdf7fecdfe9acbeb274d6608cce808b81b32fd5abd60404918eb
ed215810c487806be82e1caa33d42329d5825e5ce3df405d20717323c926a228
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef62cc8e311db6e036fae6091ba981508de03f1cfa5def4230d5911f66a58966
efa139fef841237c2a9ba7ca16a996fc34d43c9a67b498fe2b61de2c78f79055
f0bb9c9c72b6f31a523adc1edc904fc5a8f2868bc10c4819de335d73501ce4ac
f577348b91aa1aa1d13086e3d5c0fc17bee114a26bfb68f457abda926ba4208a
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f85ba02677ae937a3b83735d7f14892723dc418d03337420f8a5cc94b3965358
f8a17c9ad722dde77941555c441240f2a6ede72dd6a1ee1c4e5ad17d2a34564f
faa6f6be85c2e5f2c68cb7dfef6679100a8b0aab8a5c60aff938392ce267121c
facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbc3abe3f0c2328414e3178e1283231bf5b3ff40f99cea5ce3a9453cdd599e5d
fcc569e0550fa55e6f326144001a426b4e4a24097559f04d580d4dd8d9cb8a2e
fde613ee6ab59ba33b03ae2ba4223575771ff42241244da7134a5873c924f22d
fe8db9fa3feadd6e53dc094626a209c8ac4f3c389ae1ce278454fac2f12195e5

www.sanook.com Open in urlscan Pro 61.91.93.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

699 Requests

86 %HTTPS

26 %IPv6

113 Domains

203 Subdomains

126 IPs

16 Countries

9037 kBTransfer

24313 kBSize

198 Cookies

59 Outgoing links

Page URL History

Redirected requests

699 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sanook.com Open in urlscan Pro
61.91.93.41 Public Scan

Screenshot
Live screenshot

Full Image

699
Requests

86 %
HTTPS

26 %
IPv6

113
Domains

203
Subdomains

126
IPs

16
Countries

9037 kB
Transfer

24313 kB
Size

198
Cookies

699 HTTP transactions
7 data transactions